Merge branch 'master' into staging/rails-4.0

Conflicts:
	Gemfile.lock
	db/schema.rb
	lib/msf/core/db_manager/session.rb
	metasploit-framework-db.gemspec

Author: mbuck-r7

.gitignore

@@ -67,17 +67,7 @@ external/source/exploits/**/Release
 
 # Avoid checking in Meterpreter binaries. These are supplied upstream by
 # the meterpreter_bins gem.
-data/meterpreter/elevator.*.dll
-data/meterpreter/ext_server_espia.*.dll
-data/meterpreter/ext_server_extapi.*.dll
-data/meterpreter/ext_server_incognito.*.dll
-data/meterpreter/ext_server_kiwi.*.dll
-data/meterpreter/ext_server_lanattacks.*.dll
-data/meterpreter/ext_server_mimikatz.*.dll
-data/meterpreter/ext_server_priv.*.dll
-data/meterpreter/ext_server_stdapi.*.dll
-data/meterpreter/metsrv.*.dll
-data/meterpreter/screenshot.*.dll
+data/meterpreter/*.dll
 
 # Avoid checking in Meterpreter libs that are built from
 # private source. If you're interested in this functionality,

CONTRIBUTING.md

@@ -4,8 +4,8 @@ Thanks for your interest in making Metasploit -- and therefore, the
 world -- a better place!
 
 Are you about to report a bug? Sorry to hear it. Here's our [Issue tracker].
-Please try to be as specific as you can about your problem, include steps
-to reproduce (cut and paste from your console output if it's helpful), and
+Please try to be as specific as you can about your problem; include steps
+to reproduce (cut and paste from your console output if it's helpful) and
 what you were expecting to happen.
 
 Are you about to report a security vulnerability in Metasploit itself?
@@ -18,7 +18,7 @@ Metasploit module? If so, read on...
 
 # Contributing to Metasploit
 
-What you see here in CONTRIBUTING.md is a bullet-point list of the do's
+What you see here in CONTRIBUTING.md is a bullet point list of the do's
 and don'ts of how to make sure *your* valuable contributions actually
 make it into Metasploit's master branch.
 
@@ -27,7 +27,7 @@ closed. Sorry!
 
 This is intended to be a **short** list. The [wiki] is much more
 exhaustive and reveals many mysteries. If you read nothing else, take a
-look at the standard [development environment setup] guide,
+look at the standard [development environment setup] guide
 and Metasploit's [Common Coding Mistakes].
 
 ## Code Contributions
@@ -52,7 +52,7 @@ Pull requests [PR#2940] and [PR#3043] are a couple good examples to follow.
 #### New Modules
 
 * **Do** run `tools/msftidy.rb` against your module and fix any errors or warnings that come up.
-  - Even better would be to set up `msftidy.rb` as a [pre-commit hook].
+  - It would be even better to set up `msftidy.rb` as a [pre-commit hook].
 * **Do** use the many module mixin [API]s. Wheel improvements are welcome; wheel reinventions, not so much.
 * **Don't** include more than one module per pull request.
 
@@ -80,19 +80,19 @@ Pull requests [PR#2940] and [PR#3043] are a couple good examples to follow.
 * **Do** report vulnerabilities in Rapid7 software directly to [email protected].
 * **Do** write a detailed description of your bug and use a descriptive title.
 * **Do** include reproduction steps, stack traces, and anything else that might help us verify and fix your bug.
-* **Don't** file duplicate reports - search for your bug before filing a new report.
+* **Don't** file duplicate reports; search for your bug before filing a new report.
 
 If you need some more guidance, talk to the main body of open
-source contributors over on the [Freenode IRC channel]
-or e-mail us at [metasploit-hackers] mailing list.
+source contributors over on the [Freenode IRC channel],
+or e-mail us at the [metasploit-hackers] mailing list.
 
 Also, **thank you** for taking the few moments to read this far! You're
 already way ahead of the curve, so keep it up!
 
 [Issue Tracker]:http://r-7.co/MSF-BUGv1
 [PGP key]:http://pgp.mit.edu:11371/pks/lookup?op=vindex&search=0x2380F85B8AD4DB8D
 [wiki]:https://github.com/rapid7/metasploit-framework/wiki
-[scripts]: https://github.com/rapid7/metasploit-framework/tree/master/scripts
+[scripts]:https://github.com/rapid7/metasploit-framework/tree/master/scripts
 [development environment setup]:http://r-7.co/MSF-DEV
 [Common Coding Mistakes]:https://github.com/rapid7/metasploit-framework/wiki/Common-Metasploit-Module-Coding-Mistakes
 [Ruby style guide]:https://github.com/bbatsov/ruby-style-guide
@@ -104,10 +104,10 @@ already way ahead of the curve, so keep it up!
 [PR#2940]:https://github.com/rapid7/metasploit-framework/pull/2940
 [PR#3043]:https://github.com/rapid7/metasploit-framework/pull/3043
 [pre-commit hook]:https://github.com/rapid7/metasploit-framework/blob/master/tools/dev/pre-commit-hook.rb
-[API]:https://rapid7.github.io/metasploit-framework/api/
-[RSpec]:http://rspec.info/
-[Better Specs]:http://betterspecs.org/
-[YARD]:http://yardoc.org/
+[API]:https://rapid7.github.io/metasploit-framework/api
+[RSpec]:http://rspec.info
+[Better Specs]:http://betterspecs.org
+[YARD]:http://yardoc.org
 [Issues]:https://github.com/rapid7/metasploit-framework/issues
 [Freenode IRC channel]:http://webchat.freenode.net/?channels=%23metasploit&uio=d4
 [metasploit-hackers]:https://lists.sourceforge.net/lists/listinfo/metasploit-hackers

Gemfile.lock

@@ -56,7 +56,7 @@ PATH
       bcrypt
       jsobfu (~> 0.2.0)
       json
-      meterpreter_bins (= 0.0.16)
+      meterpreter_bins (= 0.0.17)
       msgpack
       nokogiri
       packetfu (= 1.1.9)
@@ -152,7 +152,7 @@ GEM
     json (1.8.2)
     mail (2.6.3)
       mime-types (>= 1.16, < 3)
-    meterpreter_bins (0.0.16)
+    meterpreter_bins (0.0.17)
     method_source (0.8.2)
     mime-types (2.4.3)
     mini_portile (0.6.2)

README.md

@@ -3,7 +3,7 @@ Metasploit [![Build Status](https://travis-ci.org/rapid7/metasploit-framework.pn
 The Metasploit Framework is released under a BSD-style license. See
 COPYING for more details.
 
-The latest version of this software is available from https://metasploit.com/
+The latest version of this software is available from: https://metasploit.com
 
 Bug tracking and development information can be found at:
  https://github.com/rapid7/metasploit-framework
@@ -20,8 +20,8 @@ Questions and suggestions can be sent to:
 Installing
 --
 
-Generally, you should use [the free installer](https://www.metasploit.com/download)
-which contains all dependencies and will get you up and running with a
+Generally, you should use [the free installer](https://www.metasploit.com/download),
+which contains all of the dependencies and will get you up and running with a
 few clicks. See the [Dev Environment Setup](http://r-7.co/MSF-DEV) if
 you'd like to deal with dependencies on your own.
 
@@ -34,10 +34,10 @@ resources](https://metasploit.github.io), or the [wiki].
 
 Contributing
 --
-See the [Dev Environment Setup][wiki-devenv] guide on GitHub which will
-walk you through the whole process starting from installing all the
+See the [Dev Environment Setup][wiki-devenv] guide on GitHub, which will
+walk you through the whole process from installing all the
 dependencies, to cloning the repository, and finally to submitting a
-pull request. For slightly more info, see
+pull request. For slightly more information, see
 [Contributing](https://github.com/rapid7/metasploit-framework/blob/master/CONTRIBUTING.md).
 
 

data/exploits/CVE-2015-0313/msf.swf

@@ -0,0 +1,35 @@
+ _________________________________________________ 
+< This console just got 20% cooler                >
+ ------------------------------------------------- 
+                                             /
+                                            / 
+ ▀▄▄▄▄▄▄▄▄                                 /  
+   ▀▀▄▄▄▄▄█▄▄▄▄                           /   
+   ▄███▄▄▄▄██▄██                         /    
+ ▄██▄█▄▄█▄▄██▄███                       /     
+ ▄██▄█████▄██▄▄█▄▄                     /      
+▄███████▄██▄▀▀▄▄██                    /       
+██████████▄▄▄ ██▄█                   /        
+██▄███▄███ ▀▀ ████                  /         
+▀███▄███▄▀     ███                 /          
+ ▀ ████▄▀      █▄█                /           
+   ██▄▀█     ▄▄▄▄▄▄▄▄            /            
+   ▀▄█ ▀   ▄▄█▄██████▄▄         /             
+    ▀█    ███▄█████████        /              
+        ▄███▄▄█████████       /               
+       ███████▄██████▄▀      /                
+      █████▄▄█████████                        
+    ▄▄███▄▀ █▄███████   ▄▄▄▄▄▄▄▄▄             
+   ▄▄█████ ▄█▄██▄████▄█▄█▄▄██▄▄██▄█▀          
+   ▀▄██▄▀▄▄▄███▄▄███▄██▄▄███▄▄███▄▄▄          
+     ▀▀  ▄███████████████▄▄▄██▄▄███▀▄         
+        ████▄█████████▄▄▄▄▄█▄▄▄▄▄███          
+       ███████▄█████▄▄████▄▄██▄██▀▄██         
+       ▀▀▄▄██████▄██████▄▄▄████▄▄  ▀▀▀        
+        ▄▄██████████▄▄█▄▄▄▄▄██▄▄▄             
+        ██▄█████████▄▄▄██████████             
+        ▀▀ █▄████ ███▄█▄▄▄▄▄▄▄▀▀              
+           ▄▄████  ████▄██                    
+           ▀▄████   ██▄███                    
+             ▀▄▄▀   ██▀█▀▀                    
+                    █