sempervictus
diff --git a/‎.gitignore
Lines changed: 21 additions & 2 deletions b/‎.gitignore
Lines changed: 21 additions & 2 deletions
diff --git a/‎.mailmap
Lines changed: 1 addition & 0 deletions b/‎.mailmap
Lines changed: 1 addition & 0 deletions
diff --git a/‎.rubocop.yml
Lines changed: 19 additions & 0 deletions b/‎.rubocop.yml
Lines changed: 19 additions & 0 deletions
diff --git a/‎.ruby-version
Lines changed: 1 addition & 1 deletion b/‎.ruby-version
Lines changed: 1 addition & 1 deletion
diff --git a/‎.travis.yml
Lines changed: 6 additions & 2 deletions b/‎.travis.yml
Lines changed: 6 additions & 2 deletions
diff --git a/‎.yardopts
Lines changed: 1 addition & 0 deletions b/‎.yardopts
Lines changed: 1 addition & 0 deletions
diff --git a/‎CONTRIBUTING.md
Lines changed: 26 additions & 8 deletions b/‎CONTRIBUTING.md
Lines changed: 26 additions & 8 deletions
diff --git a/‎Gemfile
Lines changed: 14 additions & 6 deletions b/‎Gemfile
Lines changed: 14 additions & 6 deletions
diff --git a/‎Gemfile.local.example
Lines changed: 36 additions & 0 deletions b/‎Gemfile.local.example
Lines changed: 36 additions & 0 deletions
diff --git a/‎Gemfile.lock
Lines changed: 26 additions & 5 deletions b/‎Gemfile.lock
Lines changed: 26 additions & 5 deletions
@@ -1,4 +1,6 @@
 .bundle
+Gemfile.local
+Gemfile.local.lock
 # Rubymine project directory
 .idea
 # Sublime Text project directory (not created by ST by default)
@@ -13,8 +15,6 @@
 config/database.yml
 # simplecov coverage data
 coverage
-data/meterpreter/ext_server_pivot.x86.dll
-data/meterpreter/ext_server_pivot.x64.dll
 doc/
 external/source/meterpreter/java/bin
 external/source/meterpreter/java/build
@@ -51,3 +51,22 @@ tags
 # ignore release/debug folders for exploits
 external/source/exploits/**/Debug
 external/source/exploits/**/Release
+
+# Avoid checking in Meterpreter binaries. These are supplied upstream by
+# the meterpreter_bins gem.
+data/meterpreter/elevator.*.dll
+data/meterpreter/ext_server_espia.*.dll
+data/meterpreter/ext_server_extapi.*.dll
+data/meterpreter/ext_server_incognito.*.dll
+data/meterpreter/ext_server_kiwi.*.dll
+data/meterpreter/ext_server_lanattacks.*.dll
+data/meterpreter/ext_server_mimikatz.*.dll
+data/meterpreter/ext_server_priv.*.dll
+data/meterpreter/ext_server_stdapi.*.dll
+data/meterpreter/metsrv.*.dll
+data/meterpreter/screenshot.*.dll
+
+# Avoid checking in Meterpreter libs that are built from
+# private source. If you're interested in this functionality,
+# check out Metasploit Pro: http://metasploit.com/download
+data/meterpreter/ext_server_pivot.*.dll
@@ -18,6 +18,7 @@ todb-r7 <todb-r7@github>           Tod Beardsley <[email protected]>
 todb-r7 <todb-r7@github>           Tod Beardsley <[email protected]>
 todb-r7 <todb-r7@github>           Tod Beardsley <[email protected]>
 trosen-r7 <trosen-r7@github>       Trevor Rosen <[email protected]>
+trosen-r7 <trosen-r7@github>       Trevor Rosen <[email protected]>
 wchen-r7 <wchen-r7@github>         sinn3r <[email protected]> # aka sinn3r
 wchen-r7 <wchen-r7@github>         sinn3r <[email protected]>
 wchen-r7 <wchen-r7@github>         Wei Chen <[email protected]>
 
@@ -0,0 +1,19 @@
+LineLength:
+  Enabled: true
+  Max: 180
+
+MethodLength:
+  Enabled: true
+  Max: 100
+
+Style/ClassLength:
+  Exclude:
+    # Most modules are quite large and all contained in one class.  This is OK.
+    - 'modules/**/*'
+
+Style/NumericLiterals:
+  Enabled: false
+
+Documentation:
+  Exclude:
+    - 'modules/**/*'
@@ -1 +1 @@
-1.9.3-p484
+1.9.3-p547
@@ -1,11 +1,15 @@
 language: ruby
-env: MSF_SPOTCHECK_RECENT=1
 before_install:
   - rake --version
   - sudo apt-get update -qq
   - sudo apt-get install -qq libpcap-dev
+  # Uncomment when we have fewer shipping msftidy warnings.
+  # Merge committers will still be checking, just not autofailing.
+  # See https://dev.metasploit.com/redmine/issues/8498
+  # - ln -sf ../../tools/dev/pre-commit-hook.rb ./.git/hooks/post-merge
+  # - ls -la ./.git/hooks
+  # - ./.git/hooks/post-merge
 before_script:
-  - ./tools/msftidy.rb
   - cp config/database.yml.travis config/database.yml
   - bundle exec rake --version
   - bundle exec rake db:create
 
@@ -5,3 +5,4 @@
 --files CONTRIBUTING.md,COPYING,HACKING,LICENSE
 lib/msf/**/*.rb
 lib/rex/**/*.rb
+plugins/**/*.rb
@@ -1,14 +1,29 @@
-# Contributing to Metasploit
+# Hello, World!
 
 Thanks for your interest in making Metasploit -- and therefore, the
-world -- a better place! What you see here in CONTRIBUTING.md is a
-bullet-point list of the do's and don'ts of how to make sure *your*
-valuable contributions actually make it into Metasploit's master branch.
+world -- a better place!
+
+Are you about to report a bug? If so, please use our [Redmine Bug
+Tracker](https://dev.metasploit.com/redmine/projects/framework). An
+account is required but it only takes a minute or two.
+
+Are you about to report a security vulnerability in Metasploit?
+If so, please take a look at Rapid's [Vulnerability
+Disclosure Policy](https://www.rapid7.com/disclosure.jsp) policy.
+
+Are you about to contribute some new functionality, a bug fix, or a new
+Metasploit module? If so, read on...
+
+# Contributing to Metasploit
+
+What you see here in CONTRIBUTING.md is a bullet-point list of the do's
+and don'ts of how to make sure *your* valuable contributions actually
+make it into Metasploit's master branch.
 
 If you care not to follow these rules, your contribution **will** be
 closed (*Road House* style). Sorry!
 
-Incidentally, this is a **short** list. The
+This is intended to be a **short** list. The
 [wiki](https://github.com/rapid7/metasploit-framework/wiki) is much more
 exhaustive and reveals many mysteries. If you read nothing else, take a
 look at the standard [development environment setup
@@ -18,11 +33,13 @@ and Metasploit's [Common Coding Mistakes](https://github.com/rapid7/metasploit-f
 ## Code Contributions
 
 * **Do** stick to the [Ruby style guide](https://github.com/bbatsov/ruby-style-guide).
+* Similarly, **try** to get Rubocop passing or at least relatively quiet against the files added/modified as part of your contribution
 * **Do** follow the [50/72 rule](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html) for Git commit messages.
 * **Do** create a [topic branch](http://git-scm.com/book/en/Git-Branching-Branching-Workflows#Topic-Branches) to work on instead of working directly on `master`.
 
 ### Pull Requests
 
+* **Do** target your pull request to the **master branch**. Not staging, not develop, not release.
 * **Do** specify a descriptive title to make searching for your pull request easier.
 * **Do** include [console output](https://help.github.com/articles/github-flavored-markdown#fenced-code-blocks), especially for witnessable effects in `msfconsole`.
 * **Do** list [verification steps](https://help.github.com/articles/writing-on-github#task-lists) so your code is testable.
@@ -34,14 +51,15 @@ Pull requests [#2940](https://github.com/rapid7/metasploit-framework/pull/2940)
 #### New Modules
 
 * **Do** run `tools/msftidy.rb` against your module and fix any errors or warnings that come up. Even better would be to set up `msftidy.rb` as a [pre-commit hook](https://github.com/rapid7/metasploit-framework/blob/master/tools/dev/pre-commit-hook.rb).
-* **Do** use the [API](https://dev.metasploit.com/documents/api/). Wheel improvements are welcome; wheel reinventions, not so much.
+* **Do** use the [many module mixin APIs](https://dev.metasploit.com/api/). Wheel improvements are welcome; wheel reinventions, not so much.
 * **Don't** include more than one module per pull request.
 
 #### Library Code
 
 * **Do** write [RSpec](http://rspec.info/) tests - even the smallest change in library land can thoroughly screw things up.
 * **Do** follow [Better Specs](http://betterspecs.org/) - it's like the style guide for specs.
 * **Do** write [YARD](http://yardoc.org/) documentation - this makes it easier for people to use your code.
+* **Don't** fix a lot of things in one pull request. Small fixes are easier to validate.
 
 #### Bug Fixes
 
@@ -50,8 +68,8 @@ Pull requests [#2940](https://github.com/rapid7/metasploit-framework/pull/2940)
 
 ## Bug Reports
 
-* **Do** report vulnerabilities in Rapid7 software to [email protected].
-* **Do** create a Redmine account and report your bug there.
+* **Do** report vulnerabilities in Rapid7 software directly to [email protected].
+* **Do** create a Redmine account and report your non-vulnerability bugs there.
 * **Do** write a detailed description of your bug and use a descriptive title.
 * **Do** include reproduction steps, stack traces, and anything else that might help us verify and fix your bug.
 * **Don't** file duplicate reports - search for your bug before filing a new report.
 
@@ -1,25 +1,31 @@
 source 'https://rubygems.org'
 
 # Need 3+ for ActiveSupport::Concern
-gem 'activesupport', '>= 3.0.0'
+gem 'activesupport', '>= 3.0.0', '< 4.0.0'
 # Needed for some admin modules (cfme_manageiq_evm_pass_reset.rb)
-gem 'bcrypt-ruby'
+gem 'bcrypt'
 # Needed for some admin modules (scrutinizer_add_user.rb)
 gem 'json'
+# Needed for Meterpreter on Windows, soon others.
+gem 'meterpreter_bins', '0.0.6'
 # Needed by msfgui and other rpc components
 gem 'msgpack'
 # Needed by anemone crawler
 gem 'nokogiri'
-# Needed by anemone crawler
-gem 'robots'
 # Needed by db.rb and Msf::Exploit::Capture
 gem 'packetfu', '1.1.9'
+# Needed by JSObfu
+gem 'rkelly-remix', '0.0.6'
+# Needed by anemone crawler
+gem 'robots'
+# Needed for some post modules
+gem 'sqlite3'
 
 group :db do
   # Needed for Msf::DbManager
-  gem 'activerecord'
+  gem 'activerecord', '>= 3.0.0', '< 4.0.0'
   # Database models shared between framework and Pro.
-  gem 'metasploit_data_models', '~> 0.17.0'
+  gem 'metasploit_data_models', '0.17.0'
   # Needed for module caching in Mdm::ModuleDetails
   gem 'pg', '>= 0.11'
 end
@@ -31,6 +37,8 @@ group :pcap do
 end
 
 group :development do
+  # Style/sanity checking Ruby code
+  gem 'rubocop'
   # Markdown formatting for yard
   gem 'redcarpet'
   # generating documentation
 
@@ -0,0 +1,36 @@
+##
+# Example Gemfile.local file for Metasploit Framework
+#
+# The Gemfile.local file provides a way to use other gems that are not
+# included in the standard Gemfile provided with Metasploit.
+# This filename is included in Metasploit's .gitignore file, so local changes
+# to this file will not accidentally show up in future pull requests. This
+# example Gemfile.local includes all gems in Gemfile using instance_eval.
+# It also creates a new bundle group, 'local', to hold additional gems.
+#
+# This file will not be used by default within the framework. As such, one
+# must first install the custom Gemfile.local with bundle:
+#   bundle install --gemfile Gemfile.local
+#
+# Note that msfupdate does not consider Gemfile.local when updating the
+# framework. If it is used, it may be necessary to run the above bundle
+# command after the update.
+#
+###
+
+# Include the Gemfile included with the framework. This is very
+# important for picking up new gem dependencies.
+msf_gemfile = File.join(File.dirname(__FILE__), 'Gemfile')
+if File.readable?(msf_gemfile)
+  instance_eval(File.read(msf_gemfile))
+end
+
+# Create a custom group
+group :local do
+  # Use pry to help view and interact with objects in the framework
+  gem 'pry', '~> 0.9'
+  # Use pry-debugger to step through code during development
+  gem 'pry-debugger', '~> 0.2'
+  # Add the lab gem so that the 'lab' plugin will work again
+  gem 'lab', '~> 0.2.7'
+end
@@ -13,7 +13,8 @@ GEM
       i18n (~> 0.6, >= 0.6.4)
       multi_json (~> 1.0)
     arel (3.0.2)
-    bcrypt-ruby (3.1.2)
+    ast (2.0.0)
+    bcrypt (3.1.7)
     builder (3.0.4)
     database_cleaner (1.1.1)
     diff-lcs (1.2.4)
@@ -26,17 +27,24 @@ GEM
       activerecord (>= 3.2.13)
       activesupport
       pg
+    meterpreter_bins (0.0.6)
     mini_portile (0.5.1)
     msgpack (0.5.5)
     multi_json (1.0.4)
     network_interface (0.0.1)
     nokogiri (1.6.0)
       mini_portile (~> 0.5.0)
     packetfu (1.1.9)
+    parser (2.1.9)
+      ast (>= 1.1, < 3.0)
+      slop (~> 3.4, >= 3.4.5)
     pcaprub (0.11.3)
     pg (0.16.0)
+    powerpack (0.0.9)
+    rainbow (2.0.0)
     rake (10.1.0)
     redcarpet (3.0.0)
+    rkelly-remix (0.0.6)
     robots (0.10.1)
     rspec (2.14.1)
       rspec-core (~> 2.14.0)
@@ -46,12 +54,21 @@ GEM
     rspec-expectations (2.14.2)
       diff-lcs (>= 1.1.3, < 2.0)
     rspec-mocks (2.14.3)
+    rubocop (0.23.0)
+      json (>= 1.7.7, < 2)
+      parser (~> 2.1.9)
+      powerpack (~> 0.0.6)
+      rainbow (>= 1.99.1, < 3.0)
+      ruby-progressbar (~> 1.4)
+    ruby-progressbar (1.5.1)
     shoulda-matchers (2.3.0)
       activesupport (>= 3.0.0)
     simplecov (0.5.4)
       multi_json (~> 1.0.3)
       simplecov-html (~> 0.5.3)
     simplecov-html (0.5.3)
+    slop (3.5.0)
+    sqlite3 (1.3.9)
     timecop (0.6.3)
     tzinfo (0.3.37)
     yard (0.8.7)
@@ -60,14 +77,15 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
-  activerecord
-  activesupport (>= 3.0.0)
-  bcrypt-ruby
+  activerecord (>= 3.0.0, < 4.0.0)
+  activesupport (>= 3.0.0, < 4.0.0)
+  bcrypt
   database_cleaner
   factory_girl (>= 4.1.0)
   fivemat (= 1.2.1)
   json
-  metasploit_data_models (~> 0.17.0)
+  metasploit_data_models (= 0.17.0)
+  meterpreter_bins (= 0.0.6)
   msgpack
   network_interface (~> 0.0.1)
   nokogiri
@@ -76,9 +94,12 @@ DEPENDENCIES
   pg (>= 0.11)
   rake (>= 10.0.0)
   redcarpet
+  rkelly-remix (= 0.0.6)
   robots
   rspec (>= 2.12)
+  rubocop
   shoulda-matchers
   simplecov (= 0.5.4)
+  sqlite3
   timecop
   yard