sempervictus
diff --git a/‎.mailmap
Lines changed: 1 addition & 0 deletions b/‎.mailmap
Lines changed: 1 addition & 0 deletions
diff --git a/‎.ruby-version
Lines changed: 1 addition & 1 deletion b/‎.ruby-version
Lines changed: 1 addition & 1 deletion
diff --git a/‎.travis.yml
Lines changed: 6 additions & 2 deletions b/‎.travis.yml
Lines changed: 6 additions & 2 deletions
diff --git a/‎CONTRIBUTING.md
Lines changed: 25 additions & 8 deletions b/‎CONTRIBUTING.md
Lines changed: 25 additions & 8 deletions
diff --git a/‎Gemfile
Lines changed: 9 additions & 5 deletions b/‎Gemfile
Lines changed: 9 additions & 5 deletions
diff --git a/‎Gemfile.lock
Lines changed: 8 additions & 4 deletions b/‎Gemfile.lock
Lines changed: 8 additions & 4 deletions
diff --git a/‎LICENSE
Lines changed: 5 additions & 1 deletion b/‎LICENSE
Lines changed: 5 additions & 1 deletion
diff --git a/‎README.md
Lines changed: 5 additions & 4 deletions b/‎README.md
Lines changed: 5 additions & 4 deletions
diff --git a/‎data/android/apk/AndroidManifest.xml
-48 Bytes b/‎data/android/apk/AndroidManifest.xml
-48 Bytes
diff --git a/‎data/android/apk/classes.dex
3.12 KB b/‎data/android/apk/classes.dex
3.12 KB
@@ -18,6 +18,7 @@ todb-r7 <todb-r7@github>           Tod Beardsley <[email protected]>
 todb-r7 <todb-r7@github>           Tod Beardsley <[email protected]>
 todb-r7 <todb-r7@github>           Tod Beardsley <[email protected]>
 trosen-r7 <trosen-r7@github>       Trevor Rosen <[email protected]>
+trosen-r7 <trosen-r7@github>       Trevor Rosen <[email protected]>
 wchen-r7 <wchen-r7@github>         sinn3r <[email protected]> # aka sinn3r
 wchen-r7 <wchen-r7@github>         sinn3r <[email protected]>
 wchen-r7 <wchen-r7@github>         Wei Chen <[email protected]>
 
@@ -1 +1 @@
-1.9.3-p484
+1.9.3-p547
@@ -1,11 +1,15 @@
 language: ruby
-env: MSF_SPOTCHECK_RECENT=1
 before_install:
   - rake --version
   - sudo apt-get update -qq
   - sudo apt-get install -qq libpcap-dev
+  # Uncomment when we have fewer shipping msftidy warnings.
+  # Merge committers will still be checking, just not autofailing.
+  # See https://dev.metasploit.com/redmine/issues/8498
+  # - ln -sf ../../tools/dev/pre-commit-hook.rb ./.git/hooks/post-merge
+  # - ls -la ./.git/hooks
+  # - ./.git/hooks/post-merge
 before_script:
-  - ./tools/msftidy.rb
   - cp config/database.yml.travis config/database.yml
   - bundle exec rake --version
   - bundle exec rake db:create
 
@@ -1,14 +1,29 @@
-# Contributing to Metasploit
+# Hello, World!
 
 Thanks for your interest in making Metasploit -- and therefore, the
-world -- a better place! What you see here in CONTRIBUTING.md is a
-bullet-point list of the do's and don'ts of how to make sure *your*
-valuable contributions actually make it into Metasploit's master branch.
+world -- a better place!
+
+Are you about to report a bug? If so, please use our [Redmine Bug
+Tracker](https://dev.metasploit.com/redmine/projects/framework). An
+account is required but it only takes a minute or two.
+
+Are you about to report a security vulnerability in Metasploit?
+If so, please take a look at Rapid's [Vulnerability
+Disclosure Policy](https://www.rapid7.com/disclosure.jsp) policy.
+
+Are you about to contribute some new functionality, a bug fix, or a new
+Metasploit module? If so, read on...
+
+# Contributing to Metasploit
+
+What you see here in CONTRIBUTING.md is a bullet-point list of the do's
+and don'ts of how to make sure *your* valuable contributions actually
+make it into Metasploit's master branch.
 
 If you care not to follow these rules, your contribution **will** be
 closed (*Road House* style). Sorry!
 
-Incidentally, this is a **short** list. The
+This is intended to be a **short** list. The
 [wiki](https://github.com/rapid7/metasploit-framework/wiki) is much more
 exhaustive and reveals many mysteries. If you read nothing else, take a
 look at the standard [development environment setup
@@ -23,6 +38,7 @@ and Metasploit's [Common Coding Mistakes](https://github.com/rapid7/metasploit-f
 
 ### Pull Requests
 
+* **Do** target your pull request to the **master branch**. Not staging, not develop, not release.
 * **Do** specify a descriptive title to make searching for your pull request easier.
 * **Do** include [console output](https://help.github.com/articles/github-flavored-markdown#fenced-code-blocks), especially for witnessable effects in `msfconsole`.
 * **Do** list [verification steps](https://help.github.com/articles/writing-on-github#task-lists) so your code is testable.
@@ -34,14 +50,15 @@ Pull requests [#2940](https://github.com/rapid7/metasploit-framework/pull/2940)
 #### New Modules
 
 * **Do** run `tools/msftidy.rb` against your module and fix any errors or warnings that come up. Even better would be to set up `msftidy.rb` as a [pre-commit hook](https://github.com/rapid7/metasploit-framework/blob/master/tools/dev/pre-commit-hook.rb).
-* **Do** use the [API](https://dev.metasploit.com/documents/api/). Wheel improvements are welcome; wheel reinventions, not so much.
+* **Do** use the [many module mixin APIs](https://dev.metasploit.com/api/). Wheel improvements are welcome; wheel reinventions, not so much.
 * **Don't** include more than one module per pull request.
 
 #### Library Code
 
 * **Do** write [RSpec](http://rspec.info/) tests - even the smallest change in library land can thoroughly screw things up.
 * **Do** follow [Better Specs](http://betterspecs.org/) - it's like the style guide for specs.
 * **Do** write [YARD](http://yardoc.org/) documentation - this makes it easier for people to use your code.
+* **Don't** fix a lot of things in one pull request. Small fixes are easier to validate.
 
 #### Bug Fixes
 
@@ -50,8 +67,8 @@ Pull requests [#2940](https://github.com/rapid7/metasploit-framework/pull/2940)
 
 ## Bug Reports
 
-* **Do** report vulnerabilities in Rapid7 software to [email protected].
-* **Do** create a Redmine account and report your bug there.
+* **Do** report vulnerabilities in Rapid7 software directly to [email protected].
+* **Do** create a Redmine account and report your non-vulnerability bugs there.
 * **Do** write a detailed description of your bug and use a descriptive title.
 * **Do** include reproduction steps, stack traces, and anything else that might help us verify and fix your bug.
 * **Don't** file duplicate reports - search for your bug before filing a new report.
 
@@ -1,23 +1,27 @@
 source 'https://rubygems.org'
 
 # Need 3+ for ActiveSupport::Concern
-gem 'activesupport', '>= 3.0.0'
+gem 'activesupport', '>= 3.0.0', '< 4.0.0'
 # Needed for some admin modules (cfme_manageiq_evm_pass_reset.rb)
-gem 'bcrypt-ruby'
+gem 'bcrypt'
 # Needed for some admin modules (scrutinizer_add_user.rb)
 gem 'json'
 # Needed by msfgui and other rpc components
 gem 'msgpack'
 # Needed by anemone crawler
 gem 'nokogiri'
-# Needed by anemone crawler
-gem 'robots'
 # Needed by db.rb and Msf::Exploit::Capture
 gem 'packetfu', '1.1.9'
+# Needed by JSObfu
+gem 'rkelly-remix', '0.0.6'
+# Needed by anemone crawler
+gem 'robots'
+# Needed for some post modules
+gem 'sqlite3'
 
 group :db do
   # Needed for Msf::DbManager
-  gem 'activerecord'
+  gem 'activerecord', '>= 3.0.0', '< 4.0.0'
   # Database models shared between framework and Pro.
   gem 'metasploit_data_models', '~> 0.17.0'
   # Needed for module caching in Mdm::ModuleDetails
 
@@ -13,7 +13,7 @@ GEM
       i18n (~> 0.6, >= 0.6.4)
       multi_json (~> 1.0)
     arel (3.0.2)
-    bcrypt-ruby (3.1.2)
+    bcrypt (3.1.7)
     builder (3.0.4)
     database_cleaner (1.1.1)
     diff-lcs (1.2.4)
@@ -37,6 +37,7 @@ GEM
     pg (0.16.0)
     rake (10.1.0)
     redcarpet (3.0.0)
+    rkelly-remix (0.0.6)
     robots (0.10.1)
     rspec (2.14.1)
       rspec-core (~> 2.14.0)
@@ -52,6 +53,7 @@ GEM
       multi_json (~> 1.0.3)
       simplecov-html (~> 0.5.3)
     simplecov-html (0.5.3)
+    sqlite3 (1.3.9)
     timecop (0.6.3)
     tzinfo (0.3.37)
     yard (0.8.7)
@@ -60,9 +62,9 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
-  activerecord
-  activesupport (>= 3.0.0)
-  bcrypt-ruby
+  activerecord (>= 3.0.0, < 4.0.0)
+  activesupport (>= 3.0.0, < 4.0.0)
+  bcrypt
   database_cleaner
   factory_girl (>= 4.1.0)
   fivemat (= 1.2.1)
@@ -76,9 +78,11 @@ DEPENDENCIES
   pg (>= 0.11)
   rake (>= 10.0.0)
   redcarpet
+  rkelly-remix (= 0.0.6)
   robots
   rspec (>= 2.12)
   shoulda-matchers
   simplecov (= 0.5.4)
+  sqlite3
   timecop
   yard
@@ -36,6 +36,10 @@ Files: external/ruby-lorcon/*
 Copyright: 2005, dragorn and Joshua Wright
 License: LGPL-2.1
 
+Files: external/source/exploits/IE11SandboxEscapes/*
+Copyright: James Forshaw, 2014
+License: GPLv3
+
 Files: external/source/byakugan/*
 Copyright: Lurene Grenier, 2009
 License: BSD-3-clause
@@ -176,7 +180,7 @@ Files: arel
 Copyright: 2007-2010 Nick Kallen, Bryan Helmkamp, Emilio Tagua, Aaron Patterson
 License: MIT
 
-Files: bcrypt-ruby
+Files: bcrypt
 Copyright: 2007-2011 Coda Hale
 License: MIT
 
 
@@ -24,10 +24,11 @@ The mailing list archives are available from:
 
 Installing
 --
-Generally, you should use the installer which contains all dependencies
-and will get you up and running with a few clicks. See the [Dev
-Environment Setup][wiki-devenv] if you'd like to deal with dependencies
-on your own.
+
+Generally, you should use [the free installer](https://www.metasploit.com/download)
+which contains all dependencies and will get you up and running with a
+few clicks. See the [Dev Environment Setup](http://r-7.co/MSF-DEV) if
+you'd like to deal with dependencies on your own.
 
 Using Metasploit
 --