Merge feature/recog into post-electro master for this PR

Author: HD Moore

.gitignore

@@ -15,8 +15,6 @@ Gemfile.local.lock
 config/database.yml
 # simplecov coverage data
 coverage
-data/meterpreter/ext_server_pivot.x86.dll
-data/meterpreter/ext_server_pivot.x64.dll
 doc/
 external/source/meterpreter/java/bin
 external/source/meterpreter/java/build
@@ -50,6 +48,28 @@ tags
 *.opensdf
 *.user
 
+# Rails log directory
+/log
+
 # ignore release/debug folders for exploits
 external/source/exploits/**/Debug
 external/source/exploits/**/Release
+
+# Avoid checking in Meterpreter binaries. These are supplied upstream by
+# the meterpreter_bins gem.
+data/meterpreter/elevator.*.dll
+data/meterpreter/ext_server_espia.*.dll
+data/meterpreter/ext_server_extapi.*.dll
+data/meterpreter/ext_server_incognito.*.dll
+data/meterpreter/ext_server_kiwi.*.dll
+data/meterpreter/ext_server_lanattacks.*.dll
+data/meterpreter/ext_server_mimikatz.*.dll
+data/meterpreter/ext_server_priv.*.dll
+data/meterpreter/ext_server_stdapi.*.dll
+data/meterpreter/metsrv.*.dll
+data/meterpreter/screenshot.*.dll
+
+# Avoid checking in Meterpreter libs that are built from
+# private source. If you're interested in this functionality,
+# check out Metasploit Pro: http://metasploit.com/download
+data/meterpreter/ext_server_pivot.*.dll

.rubocop.yml

@@ -0,0 +1,56 @@
+# This list was intially created by analyzing the last three months (51
+# modules) committed to Metasploit Framework. Many, many older modules
+# will have offenses, but this should at least provide a baseline for
+# new modules.
+#
+# Updates to this file should include a 'Description' parameter for any
+# explaination needed.
+
+# inherit_from: .rubocop_todo.yml
+
+Style/ClassLength:
+  Description: 'Most Metasploit modules are quite large. This is ok.'
+  Enabled: true
+  Exclude:
+    - 'modules/**/*'
+
+Style/Documentation:
+  Enabled: true
+  Description: 'Most Metasploit modules do not have class documentation.'
+  Exclude:
+    - 'modules/**/*'
+
+Style/Encoding:
+  Enabled: true
+  Description: 'We prefer binary to UTF-8.'
+  EnforcedStyle: 'when_needed'
+
+Style/LineLength:
+  Description: >-
+                  Metasploit modules often pattern match against very
+                  long strings when identifying targets.
+  Enabled: true
+  Max: 180
+
+Style/MethodLength:
+  Enabled: true
+  Description: >-
+                  While the style guide suggests 10 lines, exploit definitions
+                  often exceed 200 lines.
+  Max: 300
+
+Style/NumericLiterals:
+  Enabled: false
+  Description: 'This often hurts readability for exploit-ish code.'
+
+Style/SpaceInsideBrackets:
+  Enabled: false
+  Description: 'Until module template are final, most modules will fail this.'
+
+Style/StringLiterals:
+  Enabled: false
+  Description: 'Single vs double quote fights are largely unproductive.'
+
+Style/WordArray:
+  Enabled: false
+  Description: 'Metasploit prefers consistent use of []'

.yardopts

@@ -3,5 +3,8 @@
 --exclude \.ut\.rb/
 --exclude \.ts\.rb/
 --files CONTRIBUTING.md,COPYING,HACKING,LICENSE
+app/**/*.rb
 lib/msf/**/*.rb
+lib/metasploit/**/*.rb
 lib/rex/**/*.rb
+plugins/**/*.rb

CONTRIBUTING.md

@@ -33,6 +33,7 @@ and Metasploit's [Common Coding Mistakes](https://github.com/rapid7/metasploit-f
 ## Code Contributions
 
 * **Do** stick to the [Ruby style guide](https://github.com/bbatsov/ruby-style-guide).
+* *Do* get [Rubocop](https://rubygems.org/search?query=rubocop) relatively quiet against the code you are adding or modifying.
 * **Do** follow the [50/72 rule](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html) for Git commit messages.
 * **Do** create a [topic branch](http://git-scm.com/book/en/Git-Branching-Branching-Workflows#Topic-Branches) to work on instead of working directly on `master`.
 

Gemfile

@@ -1,73 +1,54 @@
 source 'https://rubygems.org'
-
-# Need 3+ for ActiveSupport::Concern
-gem 'activesupport', '>= 3.0.0', '< 4.0.0'
-# Needed for some admin modules (cfme_manageiq_evm_pass_reset.rb)
-gem 'bcrypt'
-# Needed for some admin modules (scrutinizer_add_user.rb)
-gem 'json'
-# Needed by msfgui and other rpc components
-gem 'msgpack'
-# Needed by anemone crawler
-gem 'nokogiri'
-# Needed by db.rb and Msf::Exploit::Capture
-gem 'packetfu', '1.1.9'
-# Needed by JSObfu
-gem 'rkelly-remix', '0.0.6'
-# Needed by anemone crawler
-gem 'robots'
-
-# Needed for service fingerprinting (Recog)
-gem 'recog', :git => '[email protected]:rapid7/recog.git'
-
-# Needed for some post modules
-gem 'sqlite3'
+# Add default group gems to `metasploit-framework.gemspec`:
+#   spec.add_runtime_dependency '<name>', [<version requirements>]
+gemspec
 
 group :db do
   # Needed for Msf::DbManager
   gem 'activerecord', '>= 3.0.0', '< 4.0.0'
-
-  # Database models shared between framework and Pro (depends on hmoore-r7 branch until merged)
-  # Unfortunately, MDM is broken after 0.17.0 in master right now, so waiting on that merge...
-
-  gem 'metasploit_data_models', '= 0.17.2'
-  # gem 'metasploit_data_models', :git => '[email protected]:hmoore-r7/metasploit_data_models.git'
-
+  # Metasploit::Credential database models
+  gem 'metasploit-credential', '>= 0.8.6', '< 0.9'
+  # Database models shared between framework and Pro.
+  # gem 'metasploit_data_models', '~> 0.19'
+  gem 'metasploit_data_models', :git => '[email protected]:hmoore-r7/metasploit_data_models.git'
   # Needed for module caching in Mdm::ModuleDetails
   gem 'pg', '>= 0.11'
 end
 
-group :pcap do
-  gem 'network_interface', '~> 0.0.1'
-  # For sniffer and raw socket modules
-  gem 'pcaprub'
-end
-
 group :development do
   # Markdown formatting for yard
   gem 'redcarpet'
   # generating documentation
   gem 'yard'
+  # for development and testing purposes
+  gem 'pry'
 end
 
 group :development, :test do
   # supplies factories for producing model instance for specs
   # Version 4.1.0 or newer is needed to support generate calls without the
   # 'FactoryGirl.' in factory definitions syntax.
   gem 'factory_girl', '>= 4.1.0'
+  # automatically include factories from spec/factories
+  gem 'factory_girl_rails'
   # Make rspec output shorter and more useful
   gem 'fivemat', '1.2.1'
   # running documentation generation tasks and rspec tasks
   gem 'rake', '>= 10.0.0'
+  # testing framework
+  gem 'rspec', '>= 2.12', '< 3.0.0'
+  # Define `rake spec`.  Must be in development AND test so that its available by default as a rake test when the
+  # environment is development
+  gem 'rspec-rails' , '>= 2.12', '< 3.0.0'
+end
+
+group :pcap do
+  gem 'network_interface', '~> 0.0.1'
+  # For sniffer and raw socket modules
+  gem 'pcaprub'
 end
 
 group :test do
-  # Removes records from database created during tests.  Can't use rspec-rails'
-  # transactional fixtures because multiple connections are in use so
-  # transactions won't work.
-  gem 'database_cleaner'
-  # testing framework
-  gem 'rspec', '>= 2.12'
   gem 'shoulda-matchers'
   # code coverage for tests
   # any version newer than 0.5.4 gives an Encoding error when trying to read the source files.

Gemfile.local.example

@@ -27,8 +27,6 @@ end
 
 # Create a custom group
 group :local do
-  # Use pry to help view and interact with objects in the framework
-  gem 'pry', '~> 0.9'
   # Use pry-debugger to step through code during development
   gem 'pry-debugger', '~> 0.2'
   # Add the lab gem so that the 'lab' plugin will work again