Merge remote-tracking branch 'upstream/master'

Author: Tod Beardsley

.dockerignore

@@ -34,7 +34,7 @@ config/database.yml
 # target config file for testing
 features/support/targets.yml
 # simplecov coverage data
-coverage
+coverage/
 doc/
 external/source/meterpreter/java/bin
 external/source/meterpreter/java/build

.gitignore

@@ -88,6 +88,7 @@ data/meterpreter/ext_server_pivot.*.dll
 
 # local docker compose overrides
 docker-compose.local*
+.env
 
 # Ignore python bytecode
 *.pyc

.travis.yml

@@ -25,7 +25,7 @@ matrix:
 jobs:
   # build docker image
   include:
-  - env: CMD="docker-compose -f $TRAVIS_BUILD_DIR/docker-compose.yml build" DOCKER="true"
+  - env: CMD="docker-compose build" DOCKER="true"
     # we do not need any setup
     before_install: skip
     install: skip

Dockerfile

@@ -1,14 +1,17 @@
 FROM ruby:2.4.2-alpine
-MAINTAINER Rapid7
+LABEL maintainer="Rapid7"
 
 ARG BUNDLER_ARGS="--jobs=8 --without development test coverage"
 ENV APP_HOME /usr/src/metasploit-framework/
 ENV MSF_USER msf
 ENV NMAP_PRIVILEGED=""
+ENV BUNDLE_IGNORE_MESSAGES="true"
 WORKDIR $APP_HOME
 
-COPY Gemfile* m* Rakefile $APP_HOME
-COPY lib $APP_HOME/lib
+COPY Gemfile* metasploit-framework.gemspec Rakefile $APP_HOME
+COPY lib/metasploit/framework/version.rb $APP_HOME/lib/metasploit/framework/version.rb
+COPY lib/metasploit/framework/rails_version_constraint.rb $APP_HOME/lib/metasploit/framework/rails_version_constraint.rb
+COPY lib/msf/util/helper.rb $APP_HOME/lib/msf/util/helper.rb
 
 RUN apk update && \
     apk add \
@@ -45,7 +48,7 @@ RUN apk update && \
 RUN adduser -g msfconsole -D $MSF_USER
 
 RUN /usr/sbin/setcap cap_net_raw,cap_net_bind_service=+eip $(which ruby)
-RUN /usr/sbin/setcap cap_net_raw,cap_net_bind_service=+eip /usr/bin/nmap
+RUN /usr/sbin/setcap cap_net_raw,cap_net_bind_service=+eip $(which nmap)
 
 USER $MSF_USER
 

Gemfile

@@ -19,8 +19,10 @@ group :development do
   # module documentation
   gem 'octokit'
   # Metasploit::Aggregator external session proxy
-  # Disabled for now for crypttlv updates
-  # gem 'metasploit-aggregator'
+  gem 'metasploit-aggregator' if [
+    'x86-mingw32', 'x64-mingw32',
+    'x86_64-linux', 'x86-linux',
+    'darwin'].include?(RUBY_PLATFORM.gsub(/.*darwin.*/, 'darwin'))
 end
 
 group :development, :test do

Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    metasploit-framework (4.16.10)
+    metasploit-framework (4.16.22)
       actionpack (~> 4.2.6)
       activerecord (~> 4.2.6)
       activesupport (~> 4.2.6)
@@ -17,9 +17,9 @@ PATH
       metasploit-concern
       metasploit-credential
       metasploit-model
-      metasploit-payloads (= 1.3.9)
+      metasploit-payloads (= 1.3.18)
       metasploit_data_models
-      metasploit_payloads-mettle (= 0.2.2)
+      metasploit_payloads-mettle (= 0.2.8)
       msgpack
       nessus_rest
       net-ssh
@@ -49,7 +49,7 @@ PATH
       rex-mime
       rex-nop
       rex-ole
-      rex-powershell (< 0.1.73)
+      rex-powershell (< 0.1.78)
       rex-random_identifier
       rex-registry
       rex-rop_builder
@@ -102,39 +102,65 @@ GEM
       public_suffix (>= 2.0.2, < 4.0)
     afm (0.2.2)
     arel (6.0.4)
-    arel-helpers (2.4.0)
+    arel-helpers (2.5.0)
       activerecord (>= 3.1.0, < 6)
-    backports (3.8.0)
+    backports (3.10.3)
     bcrypt (3.1.11)
     bcrypt_pbkdf (1.0.0)
     bindata (2.4.1)
     bit-struct (0.16)
     builder (3.2.3)
     coderay (1.1.2)
-    crass (1.0.2)
+    concurrent-ruby (1.0.5)
+    crass (1.0.3)
     diff-lcs (1.3)
     dnsruby (1.60.2)
     docile (1.1.5)
     erubis (2.7.0)
-    factory_girl (4.8.1)
+    factory_girl (4.9.0)
       activesupport (>= 3.0.0)
-    factory_girl_rails (4.8.0)
-      factory_girl (~> 4.8.0)
+    factory_girl_rails (4.9.0)
+      factory_girl (~> 4.9.0)
       railties (>= 3.0.0)
     faraday (0.13.1)
       multipart-post (>= 1.2, < 3)
     ffi (1.9.18)
     filesize (0.1.1)
     fivemat (1.3.5)
+    google-protobuf (3.5.0)
+    googleapis-common-protos-types (1.0.1)
+      google-protobuf (~> 3.0)
+    googleauth (0.6.2)
+      faraday (~> 0.12)
+      jwt (>= 1.4, < 3.0)
+      logging (~> 2.0)
+      memoist (~> 0.12)
+      multi_json (~> 1.11)
+      os (~> 0.9)
+      signet (~> 0.7)
+    grpc (1.7.2)
+      google-protobuf (~> 3.1)
+      googleapis-common-protos-types (~> 1.0.0)
+      googleauth (>= 0.5.1, < 0.7)
     hashery (2.1.2)
-    i18n (0.8.6)
+    i18n (0.9.1)
+      concurrent-ruby (~> 1.0)
     jsobfu (0.4.2)
       rkelly-remix
     json (2.1.0)
+    jwt (2.1.0)
+    little-plugger (1.1.4)
+    logging (2.2.2)
+      little-plugger (~> 1.1)
+      multi_json (~> 1.10)
     loofah (2.1.1)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
+    memoist (0.16.0)
     metasm (1.0.3)
+    metasploit-aggregator (1.0.0)
+      grpc
+      rex-arch
     metasploit-concern (2.0.5)
       activemodel (~> 4.2.6)
       activesupport (~> 4.2.6)
@@ -152,7 +178,7 @@ GEM
       activemodel (~> 4.2.6)
       activesupport (~> 4.2.6)
       railties (~> 4.2.6)
-    metasploit-payloads (1.3.9)
+    metasploit-payloads (1.3.18)
     metasploit_data_models (2.0.15)
       activerecord (~> 4.2.6)
       activesupport (~> 4.2.6)
@@ -163,11 +189,12 @@ GEM
       postgres_ext
       railties (~> 4.2.6)
       recog (~> 2.0)
-    metasploit_payloads-mettle (0.2.2)
+    metasploit_payloads-mettle (0.2.8)
     method_source (0.9.0)
     mini_portile2 (2.3.0)
     minitest (5.10.3)
     msgpack (1.1.0)
+    multi_json (1.12.2)
     multipart-post (2.0.0)
     nessus_rest (0.1.6)
     net-ssh (4.2.0)
@@ -179,6 +206,7 @@ GEM
       sawyer (~> 0.8.0, >= 0.5.3)
     openssl-ccm (1.2.1)
     openvas-omp (0.0.4)
+    os (0.9.6)
     packetfu (1.1.13)
       pcaprub
     patch_finder (1.0.2)
@@ -195,10 +223,10 @@ GEM
       activerecord (>= 4.0.0)
       arel (>= 4.0.1)
       pg_array_parser (~> 0.0.9)
-    pry (0.11.1)
+    pry (0.11.3)
       coderay (~> 1.1.0)
       method_source (~> 0.9.0)
-    public_suffix (3.0.0)
+    public_suffix (3.0.1)
     rack (1.6.8)
     rack-test (0.6.3)
       rack (>= 1.0)
@@ -215,16 +243,16 @@ GEM
       activesupport (= 4.2.10)
       rake (>= 0.8.7)
       thor (>= 0.18.1, < 2.0)
-    rake (12.1.0)
+    rake (12.3.0)
     rb-readline (0.5.5)
     rbnacl (4.0.2)
       ffi
-    rbnacl-libsodium (1.0.13)
+    rbnacl-libsodium (1.0.15.1)
       rbnacl (>= 3.0.1)
-    recog (2.1.15)
+    recog (2.1.17)
       nokogiri
     redcarpet (3.4.0)
-    rex-arch (0.1.11)
+    rex-arch (0.1.13)
       rex-text
     rex-bin_tools (0.1.4)
       metasm
@@ -237,7 +265,7 @@ GEM
       metasm
       rex-arch
       rex-text
-    rex-exploitation (0.1.14)
+    rex-exploitation (0.1.16)
       jsobfu
       metasm
       rex-arch
@@ -250,7 +278,7 @@ GEM
       rex-arch
     rex-ole (0.1.6)
       rex-text
-    rex-powershell (0.1.72)
+    rex-powershell (0.1.77)
       rex-random_identifier
       rex-text
     rex-random_identifier (0.1.4)
@@ -260,7 +288,7 @@ GEM
       metasm
       rex-core
       rex-text
-    rex-socket (0.1.8)
+    rex-socket (0.1.9)
       rex-core
     rex-sslscan (0.1.5)
       rex-core
@@ -271,29 +299,29 @@ GEM
     rex-zip (0.1.3)
       rex-text
     rkelly-remix (0.0.7)
-    rspec (3.6.0)
-      rspec-core (~> 3.6.0)
-      rspec-expectations (~> 3.6.0)
-      rspec-mocks (~> 3.6.0)
-    rspec-core (3.6.0)
-      rspec-support (~> 3.6.0)
-    rspec-expectations (3.6.0)
+    rspec (3.7.0)
+      rspec-core (~> 3.7.0)
+      rspec-expectations (~> 3.7.0)
+      rspec-mocks (~> 3.7.0)
+    rspec-core (3.7.0)
+      rspec-support (~> 3.7.0)
+    rspec-expectations (3.7.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.6.0)
-    rspec-mocks (3.6.0)
+      rspec-support (~> 3.7.0)
+    rspec-mocks (3.7.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.6.0)
-    rspec-rails (3.6.1)
+      rspec-support (~> 3.7.0)
+    rspec-rails (3.7.2)
       actionpack (>= 3.0)
       activesupport (>= 3.0)
       railties (>= 3.0)
-      rspec-core (~> 3.6.0)
-      rspec-expectations (~> 3.6.0)
-      rspec-mocks (~> 3.6.0)
-      rspec-support (~> 3.6.0)
+      rspec-core (~> 3.7.0)
+      rspec-expectations (~> 3.7.0)
+      rspec-mocks (~> 3.7.0)
+      rspec-support (~> 3.7.0)
     rspec-rerun (1.1.0)
       rspec (~> 3.0)
-    rspec-support (3.6.0)
+    rspec-support (3.7.0)
     ruby-rc4 (0.1.5)
     ruby_smb (0.0.18)
       bindata
@@ -304,6 +332,11 @@ GEM
     sawyer (0.8.1)
       addressable (>= 2.3.5, < 2.6)
       faraday (~> 0.8, < 1.0)
+    signet (0.8.1)
+      addressable (~> 2.3)
+      faraday (~> 0.9)
+      jwt (>= 1.5, < 3.0)
+      multi_json (~> 1.10)
     simplecov (0.15.1)
       docile (~> 1.1.0)
       json (>= 1.8, < 3)
@@ -315,23 +348,24 @@ GEM
     thread_safe (0.3.6)
     timecop (0.9.1)
     ttfunk (1.5.1)
-    tzinfo (1.2.3)
+    tzinfo (1.2.4)
       thread_safe (~> 0.1)
-    tzinfo-data (1.2017.2)
+    tzinfo-data (1.2017.3)
       tzinfo (>= 1.0.0)
     windows_error (0.1.2)
     xdr (2.0.0)
       activemodel (>= 4.2.7)
       activesupport (>= 4.2.7)
     xmlrpc (0.3.0)
-    yard (0.9.9)
+    yard (0.9.12)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
   factory_girl_rails
   fivemat
+  metasploit-aggregator
   metasploit-framework!
   octokit
   pry
@@ -344,4 +378,4 @@ DEPENDENCIES
   yard
 
 BUNDLED WITH
-   1.15.4
+   1.16.0

LICENSE_GEMS

@@ -84,7 +84,7 @@ rex-arch, 0.1.9, "New BSD"
 rex-bin_tools, 0.1.4, "New BSD"
 rex-core, 0.1.11, "New BSD"
 rex-encoder, 0.1.4, "New BSD"
-rex-exploitation, 0.1.14, "New BSD"
+rex-exploitation, 0.1.15, "New BSD"
 rex-java, 0.1.5, "New BSD"
 rex-mime, 0.1.5, "New BSD"
 rex-nop, 0.1.1, "New BSD"

README.md

@@ -1,4 +1,4 @@
-Metasploit [![Build Status](https://travis-ci.org/rapid7/metasploit-framework.svg?branch=master)](https://travis-ci.org/rapid7/metasploit-framework) [![Code Climate](https://img.shields.io/codeclimate/github/rapid7/metasploit-framework.svg)](https://codeclimate.com/github/rapid7/metasploit-framework)
+Metasploit [![Build Status](https://travis-ci.org/rapid7/metasploit-framework.svg?branch=master)](https://travis-ci.org/rapid7/metasploit-framework) [![Code Climate](https://img.shields.io/codeclimate/github/rapid7/metasploit-framework.svg)](https://codeclimate.com/github/rapid7/metasploit-framework) [![Docker Pulls](https://img.shields.io/docker/pulls/metasploitframework/metasploit-framework.svg)](https://hub.docker.com/r/metasploitframework/metasploit-framework/)
 ==
 The Metasploit Framework is released under a BSD-style license. See
 COPYING for more details.