sempervictus
diff --git a/‎.gitignore
Lines changed: 2 additions & 0 deletions b/‎.gitignore
Lines changed: 2 additions & 0 deletions
diff --git a/‎.mailmap
Lines changed: 1 addition & 0 deletions b/‎.mailmap
Lines changed: 1 addition & 0 deletions
diff --git a/‎.ruby-version
Lines changed: 1 addition & 1 deletion b/‎.ruby-version
Lines changed: 1 addition & 1 deletion
diff --git a/‎.travis.yml
Lines changed: 6 additions & 2 deletions b/‎.travis.yml
Lines changed: 6 additions & 2 deletions
diff --git a/‎CONTRIBUTING.md
Lines changed: 83 additions & 42 deletions b/‎CONTRIBUTING.md
Lines changed: 83 additions & 42 deletions
diff --git a/‎COPYING
Lines changed: 1 addition & 1 deletion b/‎COPYING
Lines changed: 1 addition & 1 deletion
diff --git a/‎Gemfile
Lines changed: 10 additions & 6 deletions b/‎Gemfile
Lines changed: 10 additions & 6 deletions
diff --git a/‎Gemfile.local.example
Lines changed: 36 additions & 0 deletions b/‎Gemfile.local.example
Lines changed: 36 additions & 0 deletions
diff --git a/‎Gemfile.lock
Lines changed: 10 additions & 6 deletions b/‎Gemfile.lock
Lines changed: 10 additions & 6 deletions
@@ -1,4 +1,6 @@
 .bundle
+Gemfile.local
+Gemfile.local.lock
 # Rubymine project directory
 .idea
 # Sublime Text project directory (not created by ST by default)
 
@@ -18,6 +18,7 @@ todb-r7 <todb-r7@github>           Tod Beardsley <[email protected]>
 todb-r7 <todb-r7@github>           Tod Beardsley <[email protected]>
 todb-r7 <todb-r7@github>           Tod Beardsley <[email protected]>
 trosen-r7 <trosen-r7@github>       Trevor Rosen <[email protected]>
+trosen-r7 <trosen-r7@github>       Trevor Rosen <[email protected]>
 wchen-r7 <wchen-r7@github>         sinn3r <[email protected]> # aka sinn3r
 wchen-r7 <wchen-r7@github>         sinn3r <[email protected]>
 wchen-r7 <wchen-r7@github>         Wei Chen <[email protected]>
 
@@ -1 +1 @@
-1.9.3-p484
+1.9.3-p547
@@ -1,11 +1,15 @@
 language: ruby
-env: MSF_SPOTCHECK_RECENT=1
 before_install:
   - rake --version
   - sudo apt-get update -qq
   - sudo apt-get install -qq libpcap-dev
+  # Uncomment when we have fewer shipping msftidy warnings.
+  # Merge committers will still be checking, just not autofailing.
+  # See https://dev.metasploit.com/redmine/issues/8498
+  # - ln -sf ../../tools/dev/pre-commit-hook.rb ./.git/hooks/post-merge
+  # - ls -la ./.git/hooks
+  # - ./.git/hooks/post-merge
 before_script:
-  - ./tools/msftidy.rb
   - cp config/database.yml.travis config/database.yml
   - bundle exec rake --version
   - bundle exec rake db:create
 
@@ -1,44 +1,85 @@
+# Hello, World!
+
+Thanks for your interest in making Metasploit -- and therefore, the
+world -- a better place!
+
+Are you about to report a bug? If so, please use our [Redmine Bug
+Tracker](https://dev.metasploit.com/redmine/projects/framework). An
+account is required but it only takes a minute or two.
+
+Are you about to report a security vulnerability in Metasploit?
+If so, please take a look at Rapid's [Vulnerability
+Disclosure Policy](https://www.rapid7.com/disclosure.jsp) policy.
+
+Are you about to contribute some new functionality, a bug fix, or a new
+Metasploit module? If so, read on...
+
 # Contributing to Metasploit
 
-## Reporting Bugs
-
-If you would like to report a bug, please take a look at [our Redmine
-issue
-tracker](https://dev.metasploit.com/redmine/projects/framework/issues?query_id=420)
--- your bug may already have been reported there! Simply [searching](https://dev.metasploit.com/redmine/projects/framework/search) for some appropriate keywords may save everyone a lot of hassle.
-
-If your bug is new and you'd like to report it you will need to
-[register
-first](https://dev.metasploit.com/redmine/account/register). Don't
-worry, it's easy and fun and takes about 30 seconds.
-
-When you file a bug report, please include your **steps to reproduce**,
-full copy-pastes of Ruby stack traces, and any relevant details about
-your environment. Without repro steps, your bug will likely be closed.
-With repro steps, your bugs will likely be fixed.
-
-## Contributing Metasploit Modules
-
-If you have an exploit that you'd like to contribute to the Metasploit
-Framework, please familiarize yourself with the
-**[HACKING](https://github.com/rapid7/metasploit-framework/blob/master/HACKING)**
-document in the
-Metasploit-Framework repository. There are many mysteries revealed in
-HACKING concerning code style and content.
-
-[Pull requests](https://github.com/rapid7/metasploit-framework/pulls)
-should corellate with modules at a 1:1 ratio
--- there is rarely a good reason to have two, three, or ten modules on
-one pull request, as this dramatically increases the review time
-required to land (commit) any of those modules.
-
-Pull requests tend to be very collaborative for Metasploit -- do not be
-surprised if your pull request to rapid7/metasploit-framework triggers a
-pull request back to your own fork. In this way, we can isolate working
-changes before landing your PR to the Metasploit master branch.
-
-To save yourself the embarrassment of committing common errors, you will
-want to symlink the `msftidy.rb` utility to your pre-commit hooks by
-running `ln -s ../../tools/dev/pre-commit-hook.rb .git/hooks/pre-commit`
-from the top-level directory of your metasploit-framework clone. This
-will prevent you from committing modules that raise WARNINGS or ERRORS.
+What you see here in CONTRIBUTING.md is a bullet-point list of the do's
+and don'ts of how to make sure *your* valuable contributions actually
+make it into Metasploit's master branch.
+
+If you care not to follow these rules, your contribution **will** be
+closed (*Road House* style). Sorry!
+
+This is intended to be a **short** list. The
+[wiki](https://github.com/rapid7/metasploit-framework/wiki) is much more
+exhaustive and reveals many mysteries. If you read nothing else, take a
+look at the standard [development environment setup
+guide](https://github.com/rapid7/metasploit-framework/wiki/Setting-Up-a-Metasploit-Development-Environment)
+and Metasploit's [Common Coding Mistakes](https://github.com/rapid7/metasploit-framework/wiki/Common-Metasploit-Module-Coding-Mistakes).
+
+## Code Contributions
+
+* **Do** stick to the [Ruby style guide](https://github.com/bbatsov/ruby-style-guide).
+* **Do** follow the [50/72 rule](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html) for Git commit messages.
+* **Do** create a [topic branch](http://git-scm.com/book/en/Git-Branching-Branching-Workflows#Topic-Branches) to work on instead of working directly on `master`.
+
+### Pull Requests
+
+* **Do** target your pull request to the **master branch**. Not staging, not develop, not release.
+* **Do** specify a descriptive title to make searching for your pull request easier.
+* **Do** include [console output](https://help.github.com/articles/github-flavored-markdown#fenced-code-blocks), especially for witnessable effects in `msfconsole`.
+* **Do** list [verification steps](https://help.github.com/articles/writing-on-github#task-lists) so your code is testable.
+* **Don't** leave your pull request description blank.
+* **Don't** abandon your pull request. Being responsive helps us land your code faster.
+
+Pull requests [#2940](https://github.com/rapid7/metasploit-framework/pull/2940) and [#3043](https://github.com/rapid7/metasploit-framework/pull/3043) are a couple good examples to follow.
+
+#### New Modules
+
+* **Do** run `tools/msftidy.rb` against your module and fix any errors or warnings that come up. Even better would be to set up `msftidy.rb` as a [pre-commit hook](https://github.com/rapid7/metasploit-framework/blob/master/tools/dev/pre-commit-hook.rb).
+* **Do** use the [many module mixin APIs](https://dev.metasploit.com/api/). Wheel improvements are welcome; wheel reinventions, not so much.
+* **Don't** include more than one module per pull request.
+
+#### Library Code
+
+* **Do** write [RSpec](http://rspec.info/) tests - even the smallest change in library land can thoroughly screw things up.
+* **Do** follow [Better Specs](http://betterspecs.org/) - it's like the style guide for specs.
+* **Do** write [YARD](http://yardoc.org/) documentation - this makes it easier for people to use your code.
+* **Don't** fix a lot of things in one pull request. Small fixes are easier to validate.
+
+#### Bug Fixes
+
+* **Do** include reproduction steps in the form of verification steps.
+* **Do** include a link to the corresponding [Redmine](https://dev.metasploit.com/redmine/projects/framework) issue in the format of `SeeRM #1234` in your commit description.
+
+## Bug Reports
+
+* **Do** report vulnerabilities in Rapid7 software directly to [email protected].
+* **Do** create a Redmine account and report your non-vulnerability bugs there.
+* **Do** write a detailed description of your bug and use a descriptive title.
+* **Do** include reproduction steps, stack traces, and anything else that might help us verify and fix your bug.
+* **Don't** file duplicate reports - search for your bug before filing a new report.
+* **Don't** report a bug on GitHub. Use [Redmine](https://dev.metasploit.com/redmine/projects/framework) instead.
+
+Redmine issues [#8762](https://dev.metasploit.com/redmine/issues/8762) and [#8764](https://dev.metasploit.com/redmine/issues/8764) are a couple good examples to follow.
+
+If you need some more guidance, talk to the main body of open
+source contributors over on the [Freenode IRC channel](http://webchat.freenode.net/?channels=%23metasploit&uio=d4)
+or e-mail us at [metasploit-hackers](https://lists.sourceforge.net/lists/listinfo/metasploit-hackers)
+mailing list.
+
+Also, **thank you** for taking the few moments to read this far! You're
+already way ahead of the curve, so keep it up!
@@ -1,4 +1,4 @@
-Copyright (C) 2006-2013, Rapid7 Inc.
+Copyright (C) 2006-2013, Rapid7, Inc.
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without modification,
 
@@ -1,25 +1,29 @@
 source 'https://rubygems.org'
 
 # Need 3+ for ActiveSupport::Concern
-gem 'activesupport', '>= 3.0.0'
+gem 'activesupport', '>= 3.0.0', '< 4.0.0'
 # Needed for some admin modules (cfme_manageiq_evm_pass_reset.rb)
-gem 'bcrypt-ruby'
+gem 'bcrypt'
 # Needed for some admin modules (scrutinizer_add_user.rb)
 gem 'json'
 # Needed by msfgui and other rpc components
 gem 'msgpack'
 # Needed by anemone crawler
 gem 'nokogiri'
-# Needed by anemone crawler
-gem 'robots'
 # Needed by db.rb and Msf::Exploit::Capture
 gem 'packetfu', '1.1.9'
+# Needed by JSObfu
+gem 'rkelly-remix', '0.0.6'
+# Needed by anemone crawler
+gem 'robots'
+# Needed for some post modules
+gem 'sqlite3'
 
 group :db do
   # Needed for Msf::DbManager
-  gem 'activerecord'
+  gem 'activerecord', '>= 3.0.0', '< 4.0.0'
   # Database models shared between framework and Pro.
-  gem 'metasploit_data_models', '~> 0.16.9'
+  gem 'metasploit_data_models', '~> 0.17.0'
   # Needed for module caching in Mdm::ModuleDetails
   gem 'pg', '>= 0.11'
 end
 
@@ -0,0 +1,36 @@
+##
+# Example Gemfile.local file for Metasploit Framework
+#
+# The Gemfile.local file provides a way to use other gems that are not
+# included in the standard Gemfile provided with Metasploit.
+# This filename is included in Metasploit's .gitignore file, so local changes
+# to this file will not accidentally show up in future pull requests. This
+# example Gemfile.local includes all gems in Gemfile using instance_eval.
+# It also creates a new bundle group, 'local', to hold additional gems.
+#
+# This file will not be used by default within the framework. As such, one
+# must first install the custom Gemfile.local with bundle:
+#   bundle install --gemfile Gemfile.local
+#
+# Note that msfupdate does not consider Gemfile.local when updating the
+# framework. If it is used, it may be necessary to run the above bundle
+# command after the update.
+#
+###
+
+# Include the Gemfile included with the framework. This is very
+# important for picking up new gem dependencies.
+msf_gemfile = File.join(File.dirname(__FILE__), 'Gemfile')
+if File.readable?(msf_gemfile)
+  instance_eval(File.read(msf_gemfile))
+end
+
+# Create a custom group
+group :local do
+  # Use pry to help view and interact with objects in the framework
+  gem 'pry', '~> 0.9'
+  # Use pry-debugger to step through code during development
+  gem 'pry-debugger', '~> 0.2'
+  # Add the lab gem so that the 'lab' plugin will work again
+  gem 'lab', '~> 0.2.7'
+end
@@ -13,7 +13,7 @@ GEM
       i18n (~> 0.6, >= 0.6.4)
       multi_json (~> 1.0)
     arel (3.0.2)
-    bcrypt-ruby (3.1.2)
+    bcrypt (3.1.7)
     builder (3.0.4)
     database_cleaner (1.1.1)
     diff-lcs (1.2.4)
@@ -22,7 +22,7 @@ GEM
     fivemat (1.2.1)
     i18n (0.6.5)
     json (1.8.0)
-    metasploit_data_models (0.16.9)
+    metasploit_data_models (0.17.0)
       activerecord (>= 3.2.13)
       activesupport
       pg
@@ -37,6 +37,7 @@ GEM
     pg (0.16.0)
     rake (10.1.0)
     redcarpet (3.0.0)
+    rkelly-remix (0.0.6)
     robots (0.10.1)
     rspec (2.14.1)
       rspec-core (~> 2.14.0)
@@ -52,6 +53,7 @@ GEM
       multi_json (~> 1.0.3)
       simplecov-html (~> 0.5.3)
     simplecov-html (0.5.3)
+    sqlite3 (1.3.9)
     timecop (0.6.3)
     tzinfo (0.3.37)
     yard (0.8.7)
@@ -60,14 +62,14 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
-  activerecord
-  activesupport (>= 3.0.0)
-  bcrypt-ruby
+  activerecord (>= 3.0.0, < 4.0.0)
+  activesupport (>= 3.0.0, < 4.0.0)
+  bcrypt
   database_cleaner
   factory_girl (>= 4.1.0)
   fivemat (= 1.2.1)
   json
-  metasploit_data_models (~> 0.16.9)
+  metasploit_data_models (~> 0.17.0)
   msgpack
   network_interface (~> 0.0.1)
   nokogiri
@@ -76,9 +78,11 @@ DEPENDENCIES
   pg (>= 0.11)
   rake (>= 10.0.0)
   redcarpet
+  rkelly-remix (= 0.0.6)
   robots
   rspec (>= 2.12)
   shoulda-matchers
   simplecov (= 0.5.4)
+  sqlite3
   timecop
   yard
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-Copyright (C) 2006-2013, Rapid7 Inc.`
	`1`	`+Copyright (C) 2006-2013, Rapid7, Inc.`
`2`	`2`	`All rights reserved.`
`3`	`3`
`4`	`4`	`Redistribution and use in source and binary forms, with or without modification,`