rapid7
diff --git a/‎data/markdown_doc/default_template.erb
Lines changed: 6 additions & 0 deletions b/‎data/markdown_doc/default_template.erb
Lines changed: 6 additions & 0 deletions
diff --git a/‎lib/msf/core/constants.rb
Lines changed: 6 additions & 0 deletions b/‎lib/msf/core/constants.rb
Lines changed: 6 additions & 0 deletions
diff --git a/‎modules/auxiliary/fileformat/badpdf.rb
Lines changed: 6 additions & 1 deletion b/‎modules/auxiliary/fileformat/badpdf.rb
Lines changed: 6 additions & 1 deletion
diff --git a/‎modules/auxiliary/gather/advantech_webaccess_creds.rb
Lines changed: 6 additions & 1 deletion b/‎modules/auxiliary/gather/advantech_webaccess_creds.rb
Lines changed: 6 additions & 1 deletion
diff --git a/‎modules/auxiliary/gather/alienvault_iso27001_sqli.rb
Lines changed: 6 additions & 1 deletion b/‎modules/auxiliary/gather/alienvault_iso27001_sqli.rb
Lines changed: 6 additions & 1 deletion
diff --git a/‎modules/auxiliary/gather/alienvault_newpolicyform_sqli.rb
Lines changed: 6 additions & 1 deletion b/‎modules/auxiliary/gather/alienvault_newpolicyform_sqli.rb
Lines changed: 6 additions & 1 deletion
diff --git a/‎modules/auxiliary/gather/android_browser_file_theft.rb
Lines changed: 6 additions & 1 deletion b/‎modules/auxiliary/gather/android_browser_file_theft.rb
Lines changed: 6 additions & 1 deletion
diff --git a/‎modules/auxiliary/gather/android_browser_new_tab_cookie_theft.rb
Lines changed: 6 additions & 1 deletion b/‎modules/auxiliary/gather/android_browser_new_tab_cookie_theft.rb
Lines changed: 6 additions & 1 deletion
diff --git a/‎modules/auxiliary/gather/android_htmlfileprovider.rb
Lines changed: 6 additions & 1 deletion b/‎modules/auxiliary/gather/android_htmlfileprovider.rb
Lines changed: 6 additions & 1 deletion
diff --git a/‎modules/auxiliary/gather/android_object_tag_webview_uxss.rb
Lines changed: 6 additions & 1 deletion b/‎modules/auxiliary/gather/android_object_tag_webview_uxss.rb
Lines changed: 6 additions & 1 deletion
@@ -67,6 +67,8 @@
 <% description = "Module may cause a noise (Examples: audio output from the speakers or hardware beeps)." %>
 <% elsif side_effect == "physical-effects" %>
 <% description = "Module may produce physical effects (Examples: the device makes movement or flashes LEDs)." %>
+<% elsif side_effect == "unknown-side-effects" %>
+<% description = "Module side effects are unknown." %>
 <% end %>
 
 * **<%= side_effect %>:** <%= description %>
@@ -85,6 +87,8 @@
 <% description = "The module isn't expected to get a shell reliably (such as only once)." %>
 <% elsif reliability == "event-dependent" %>
 <% description = "The module may not execute the payload until an external event occurs. For instance, a cron job, machine restart, user interaction within a GUI element, etc." %>
+<% elsif reliability == "unknown-reliability" %>
+<% description = "Module reliability is unknown." %>
 <% end %>
 
 * **<%= reliability %>:** <%= description %>
@@ -109,6 +113,8 @@
 <% description = "Module may cause a resource (such as a file or data in a database) to be unavailable for the service." %>
 <% elsif stability == "os-resource-loss" %>
 <% description = "Modules may cause a resource (such as a file) to be unavailable for the OS." %>
+<% elsif stability == "unknown-stability" %>
+<% description = "Module stability is unknown." %>
 <% end %>
 
 * **<%= stability %>:** <%= description %>
 
@@ -55,6 +55,8 @@ module Msf
 # Stability traits
 #
 
+# Module stability is unknown - this is a sentinel value, and is not a valid stability enum value
+UNKNOWN_STABILITY      = ['unknown-stability']
 # Module should not crash the service.
 CRASH_SAFE             = 'crash-safe'
 # Module may crash the service, but the service restarts.
@@ -74,6 +76,8 @@ module Msf
 # Side-effect traits
 #
 
+# Module side effects is unknown - this is a sentinel value, and is not a valid side effect enum value
+UNKNOWN_SIDE_EFFECTS = ['unknown-side-effects']
 # Modules leaves a payload or a dropper on the target machine.
 ARTIFACTS_ON_DISK = 'artifacts-on-disk'
 # Module modifies some configuration setting on the target machine.
@@ -95,6 +99,8 @@ module Msf
 # Reliability
 #
 
+# Module reliability is unknown - this is a sentinel value, and is not a valid reliability enum value
+UNKNOWN_RELIABILITY = ['unknown-reliability']
 # The module tends to fail to get a session on the first attempt.
 FIRST_ATTEMPT_FAIL = 'first-attempt-fail'
 # The module is expected to get a shell every time it runs.
 
@@ -27,7 +27,12 @@ def initialize(info = {})
         'References' => [
           ['CVE', '2018-4993'],
           ['URL', 'https://research.checkpoint.com/ntlm-credentials-theft-via-pdf-files/']
-        ]
+        ],
+        'Notes' => {
+          'Reliability' => UNKNOWN_RELIABILITY,
+          'Stability' => UNKNOWN_STABILITY,
+          'SideEffects' => UNKNOWN_SIDE_EFFECTS
+        }
       )
       )
     register_options(
 
@@ -26,7 +26,12 @@ def initialize(info = {})
           ['CVE', '2016-5810'],
           ['URL', 'https://github.com/rapid7/metasploit-framework/pull/7859#issuecomment-274305229']
         ],
-        'DisclosureDate' => '2017-01-21'
+        'DisclosureDate' => '2017-01-21',
+        'Notes' => {
+          'Reliability' => UNKNOWN_RELIABILITY,
+          'Stability' => UNKNOWN_STABILITY,
+          'SideEffects' => UNKNOWN_SIDE_EFFECTS
+        }
       )
     )
 
 
@@ -29,7 +29,12 @@ def initialize(info = {})
         },
         'Platform' => ['linux'],
         'Privileged' => false,
-        'DisclosureDate' => '2014-03-30'
+        'DisclosureDate' => '2014-03-30',
+        'Notes' => {
+          'Reliability' => UNKNOWN_RELIABILITY,
+          'Stability' => UNKNOWN_STABILITY,
+          'SideEffects' => UNKNOWN_SIDE_EFFECTS
+        }
       )
     )
 
 
@@ -31,7 +31,12 @@ def initialize(info = {})
           'SSL' => true
         },
         'Privileged' => false,
-        'DisclosureDate' => '2014-05-09'
+        'DisclosureDate' => '2014-05-09',
+        'Notes' => {
+          'Reliability' => UNKNOWN_RELIABILITY,
+          'Stability' => UNKNOWN_STABILITY,
+          'SideEffects' => UNKNOWN_SIDE_EFFECTS
+        }
       )
     )
 
 
@@ -29,7 +29,12 @@ def initialize(info = {})
           ['URL', 'https://android.googlesource.com/platform/packages/apps/Browser/+/d2391b492dec778452238bc6d9d549d56d41c107%5E%21/#F0'],
           ['URL', 'https://bugs.chromium.org/p/chromium/issues/detail?id=90222'] # the UXSS
         ],
-        'DefaultAction' => 'WebServer'
+        'DefaultAction' => 'WebServer',
+        'Notes' => {
+          'Reliability' => UNKNOWN_RELIABILITY,
+          'Stability' => UNKNOWN_STABILITY,
+          'SideEffects' => UNKNOWN_SIDE_EFFECTS
+        }
       )
     )
 
 
@@ -34,7 +34,12 @@ def initialize(info = {})
           ['URL', 'https://android.googlesource.com/platform/packages/apps/Browser/+/d2391b492dec778452238bc6d9d549d56d41c107%5E%21/#F0'],
           ['URL', 'http://www.rafayhackingarticles.net/2014/12/android-browser-cross-scheme-data.html']
         ],
-        'DefaultAction' => 'WebServer'
+        'DefaultAction' => 'WebServer',
+        'Notes' => {
+          'Reliability' => UNKNOWN_RELIABILITY,
+          'Stability' => UNKNOWN_STABILITY,
+          'SideEffects' => UNKNOWN_SIDE_EFFECTS
+        }
       )
     )
 
 
@@ -31,7 +31,12 @@ def initialize(info = {})
           [ 'CVE', '2010-4804' ],
           [ 'URL', 'http://thomascannon.net/blog/2010/11/android-data-stealing-vulnerability/' ]
         ],
-        'DefaultAction' => 'WebServer'
+        'DefaultAction' => 'WebServer',
+        'Notes' => {
+          'Reliability' => UNKNOWN_RELIABILITY,
+          'Stability' => UNKNOWN_STABILITY,
+          'SideEffects' => UNKNOWN_SIDE_EFFECTS
+        }
       )
     )
 
 
@@ -40,7 +40,12 @@ def initialize(info = {})
           [ 'URL', 'http://trac.webkit.org/changeset/96826/webkit' ]
         ],
         'DefaultAction' => 'WebServer',
-        'DisclosureDate' => '2014-10-04'
+        'DisclosureDate' => '2014-10-04',
+        'Notes' => {
+          'Reliability' => UNKNOWN_RELIABILITY,
+          'Stability' => UNKNOWN_STABILITY,
+          'SideEffects' => UNKNOWN_SIDE_EFFECTS
+        }
       )
     )
Original file line number	Diff line number	Diff line change
`@@ -27,7 +27,12 @@ def initialize(info = {})`
`27`	`27`	`'References' => [`
`28`	`28`	`['CVE', '2018-4993'],`
`29`	`29`	`['URL', 'https://research.checkpoint.com/ntlm-credentials-theft-via-pdf-files/']`
`30`		`- ]`
	`30`	`+ ],`
	`31`	`+ 'Notes' => {`
	`32`	`+ 'Reliability' => UNKNOWN_RELIABILITY,`
	`33`	`+ 'Stability' => UNKNOWN_STABILITY,`
	`34`	`+ 'SideEffects' => UNKNOWN_SIDE_EFFECTS`
	`35`	`+ }`
`31`	`36`	`)`
`32`	`37`	`)`
`33`	`38`	`register_options(`
Original file line number	Diff line number	Diff line change
`@@ -26,7 +26,12 @@ def initialize(info = {})`
`26`	`26`	`['CVE', '2016-5810'],`
`27`	`27`	`['URL', 'https://github.com/rapid7/metasploit-framework/pull/7859#issuecomment-274305229']`
`28`	`28`	`],`
`29`		`- 'DisclosureDate' => '2017-01-21'`
	`29`	`+ 'DisclosureDate' => '2017-01-21',`
	`30`	`+ 'Notes' => {`
	`31`	`+ 'Reliability' => UNKNOWN_RELIABILITY,`
	`32`	`+ 'Stability' => UNKNOWN_STABILITY,`
	`33`	`+ 'SideEffects' => UNKNOWN_SIDE_EFFECTS`
	`34`	`+ }`
`30`	`35`	`)`
`31`	`36`	`)`
`32`	`37`
Original file line number	Diff line number	Diff line change
`@@ -29,7 +29,12 @@ def initialize(info = {})`
`29`	`29`	`},`
`30`	`30`	`'Platform' => ['linux'],`
`31`	`31`	`'Privileged' => false,`
`32`		`- 'DisclosureDate' => '2014-03-30'`
	`32`	`+ 'DisclosureDate' => '2014-03-30',`
	`33`	`+ 'Notes' => {`
	`34`	`+ 'Reliability' => UNKNOWN_RELIABILITY,`
	`35`	`+ 'Stability' => UNKNOWN_STABILITY,`
	`36`	`+ 'SideEffects' => UNKNOWN_SIDE_EFFECTS`
	`37`	`+ }`
`33`	`38`	`)`
`34`	`39`	`)`
`35`	`40`
Original file line number	Diff line number	Diff line change
`@@ -31,7 +31,12 @@ def initialize(info = {})`
`31`	`31`	`'SSL' => true`
`32`	`32`	`},`
`33`	`33`	`'Privileged' => false,`
`34`		`- 'DisclosureDate' => '2014-05-09'`
	`34`	`+ 'DisclosureDate' => '2014-05-09',`
	`35`	`+ 'Notes' => {`
	`36`	`+ 'Reliability' => UNKNOWN_RELIABILITY,`
	`37`	`+ 'Stability' => UNKNOWN_STABILITY,`
	`38`	`+ 'SideEffects' => UNKNOWN_SIDE_EFFECTS`
	`39`	`+ }`
`35`	`40`	`)`
`36`	`41`	`)`
`37`	`42`
Original file line number	Diff line number	Diff line change
`@@ -34,7 +34,12 @@ def initialize(info = {})`
`34`	`34`	`['URL', 'https://android.googlesource.com/platform/packages/apps/Browser/+/d2391b492dec778452238bc6d9d549d56d41c107%5E%21/#F0'],`
`35`	`35`	`['URL', 'http://www.rafayhackingarticles.net/2014/12/android-browser-cross-scheme-data.html']`
`36`	`36`	`],`
`37`		`- 'DefaultAction' => 'WebServer'`
	`37`	`+ 'DefaultAction' => 'WebServer',`
	`38`	`+ 'Notes' => {`
	`39`	`+ 'Reliability' => UNKNOWN_RELIABILITY,`
	`40`	`+ 'Stability' => UNKNOWN_STABILITY,`
	`41`	`+ 'SideEffects' => UNKNOWN_SIDE_EFFECTS`
	`42`	`+ }`
`38`	`43`	`)`
`39`	`44`	`)`
`40`	`45`
Original file line number	Diff line number	Diff line change
`@@ -40,7 +40,12 @@ def initialize(info = {})`
`40`	`40`	`[ 'URL', 'http://trac.webkit.org/changeset/96826/webkit' ]`
`41`	`41`	`],`
`42`	`42`	`'DefaultAction' => 'WebServer',`
`43`		`- 'DisclosureDate' => '2014-10-04'`
	`43`	`+ 'DisclosureDate' => '2014-10-04',`
	`44`	`+ 'Notes' => {`
	`45`	`+ 'Reliability' => UNKNOWN_RELIABILITY,`
	`46`	`+ 'Stability' => UNKNOWN_STABILITY,`
	`47`	`+ 'SideEffects' => UNKNOWN_SIDE_EFFECTS`
	`48`	`+ }`
`44`	`49`	`)`
`45`	`50`	`)`
`46`	`51`