From 83681d5f8126f5139e24c9a443f20dfc12ab822a Mon Sep 17 00:00:00 2001
From: giveen <ajaxx20020@gmail.com>
Date: Wed, 14 Jan 2026 14:07:41 -0700
Subject: [PATCH] mcp: wait for msfrpcd readiness and log msfrpcd output for
 debugging

---
 pentestagent/mcp/metasploit_adapter.py | 14 ++++++++++++--
 scripts/setup.sh                       |  9 ++++++---
 2 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/pentestagent/mcp/metasploit_adapter.py b/pentestagent/mcp/metasploit_adapter.py
index d86ec85..e696d0e 100644
--- a/pentestagent/mcp/metasploit_adapter.py
+++ b/pentestagent/mcp/metasploit_adapter.py
@@ -124,8 +124,18 @@ class MetasploitAdapter:
             # Start reader to capture msfrpcd logs
             loop = asyncio.get_running_loop()
             loop.create_task(self._capture_msfrpcd_output())
-            # Give msfrpcd a moment to start
-            await asyncio.sleep(0.5)
+
+            # Poll the msfrpcd TCP socket until it's accepting connections or timeout
+            import socket
+            deadline = asyncio.get_event_loop().time() + 10.0
+            while asyncio.get_event_loop().time() < deadline:
+                try:
+                    with socket.create_connection((msf_server, msf_port), timeout=1):
+                        return
+                except Exception:
+                    await asyncio.sleep(0.5)
+            # If we fallthrough, msfrpcd didn't become ready in time
+            return
         except Exception:
             return
 
diff --git a/scripts/setup.sh b/scripts/setup.sh
index 0768d8f..3dea4bd 100644
--- a/scripts/setup.sh
+++ b/scripts/setup.sh
@@ -151,12 +151,15 @@ if [ "${LAUNCH_METASPLOIT_MCP,,}" = "true" ] && [ -n "${MSF_PASSWORD:-}" ]; then
         # interface and does not require root privileges on modern systems for ephemeral ports.
         msfrpcd_cmd=$(command -v msfrpcd || true)
         if [ -n "$msfrpcd_cmd" ]; then
+            LOG_DIR="loot/artifacts"
+            mkdir -p "$LOG_DIR"
+            MSF_LOG="$LOG_DIR/metasploit_msfrpcd.log"
             if [ "${MSF_SSL,,}" = "true" ] || [ "${MSF_SSL}" = "1" ]; then
-                "$msfrpcd_cmd" -U "$MSF_USER" -P "$MSF_PASSWORD" -a "$MSF_SERVER" -p "$MSF_PORT" -S &>/dev/null &
+                "$msfrpcd_cmd" -U "$MSF_USER" -P "$MSF_PASSWORD" -a "$MSF_SERVER" -p "$MSF_PORT" -S >"$MSF_LOG" 2>&1 &
             else
-                "$msfrpcd_cmd" -U "$MSF_USER" -P "$MSF_PASSWORD" -a "$MSF_SERVER" -p "$MSF_PORT" &>/dev/null &
+                "$msfrpcd_cmd" -U "$MSF_USER" -P "$MSF_PASSWORD" -a "$MSF_SERVER" -p "$MSF_PORT" >"$MSF_LOG" 2>&1 &
             fi
-            echo "msfrpcd started (check with: ss -ltn | grep $MSF_PORT)"
+            echo "msfrpcd started (logs: $MSF_LOG)"
         else
             echo "msfrpcd not found; please install Metasploit Framework to enable Metasploit RPC."
         fi