Add changes after discussion with msf team

Author: jvazquez-r7

.gitignore

@@ -13,6 +13,8 @@ Gemfile.local.lock
 .DS_Store
 # database config for testing
 config/database.yml
+# target config file for testing
+features/support/targets.yml
 # simplecov coverage data
 coverage
 doc/
@@ -48,6 +50,11 @@ tags
 *.opensdf
 *.user
 
+# Rails log directory
+/log
+# Rails tmp directory
+/tmp
+
 # ignore release/debug folders for exploits
 external/source/exploits/**/Debug
 external/source/exploits/**/Release

.rubocop.yml

@@ -1,18 +1,78 @@
-LineLength:
-  Enabled: true
-  Max: 180
+# This list was intially created by analyzing the last three months (51
+# modules) committed to Metasploit Framework. Many, many older modules
+# will have offenses, but this should at least provide a baseline for
+# new modules.
+#
+# Updates to this file should include a 'Description' parameter for any
+# explaination needed.
 
-MethodLength:
-  Enabled: true
-  Max: 100
+# inherit_from: .rubocop_todo.yml
 
 Style/ClassLength:
+  Description: 'Most Metasploit modules are quite large. This is ok.'
+  Enabled: true
   Exclude:
-    # Most modules are quite large and all contained in one class.  This is OK.
     - 'modules/**/*'
 
+Style/Documentation:
+  Enabled: true
+  Description: 'Most Metasploit modules do not have class documentation.'
+  Exclude:
+    - 'modules/**/*'
+
+Style/Encoding:
+  Enabled: true
+  Description: 'We prefer binary to UTF-8.'
+  EnforcedStyle: 'when_needed'
+
+Style/LineLength:
+  Description: >-
+                  Metasploit modules often pattern match against very
+                  long strings when identifying targets.
+  Enabled: true
+  Max: 180
+
+Style/MethodLength:
+  Enabled: true
+  Description: >-
+                  While the style guide suggests 10 lines, exploit definitions
+                  often exceed 200 lines.
+  Max: 300
+
+# Basically everything in metasploit needs binary encoding, not UTF-8.
+# Disable this here and enforce it through msftidy
+Style/Encoding:
+  Enabled: false
+
 Style/NumericLiterals:
   Enabled: false
+  Description: 'This often hurts readability for exploit-ish code.'
+
+Style/SpaceInsideBrackets:
+  Enabled: false
+  Description: 'Until module template are final, most modules will fail this.'
+
+Style/StringLiterals:
+  Enabled: false
+  Description: 'Single vs double quote fights are largely unproductive.'
+
+Style/WordArray:
+  Enabled: false
+  Description: 'Metasploit prefers consistent use of []'
+
+Style/RedundantBegin:
+  Exclude:
+    # this pattern is very common and somewhat unavoidable
+    # def run_host(ip)
+    #   begin
+    #     ...
+    #   rescue ...
+    #     ...
+    #   ensure
+    #     disconnect
+    #   end
+    # end
+    - 'modules/**/*'
 
 Documentation:
   Exclude:

.simplecov

@@ -39,7 +39,6 @@ SimpleCov.configure do
 	# Other library groups
 	#
 
-	add_group 'Fastlib', 'lib/fastlib'
 	add_group 'Metasm', 'lib/metasm'
 	add_group 'PacketFu', 'lib/packetfu'
 	add_group 'Rex', 'lib/rex'

.travis.yml

@@ -1,3 +1,8 @@
+env:
+  - RAKE_TASK=cucumber
+  - RAKE_TASK=cucumber:boot
+  - RAKE_TASK=spec
+
 language: ruby
 before_install:
   - rake --version
@@ -14,6 +19,7 @@ before_script:
   - bundle exec rake --version
   - bundle exec rake db:create
   - bundle exec rake db:migrate
+script: "bundle exec rake $RAKE_TASK"
 
 rvm:
   #- '1.8.7'

.yardopts

@@ -3,6 +3,8 @@
 --exclude \.ut\.rb/
 --exclude \.ts\.rb/
 --files CONTRIBUTING.md,COPYING,HACKING,LICENSE
+app/**/*.rb
 lib/msf/**/*.rb
+lib/metasploit/**/*.rb
 lib/rex/**/*.rb
 plugins/**/*.rb

CONTRIBUTING.md

@@ -3,13 +3,17 @@
 Thanks for your interest in making Metasploit -- and therefore, the
 world -- a better place!
 
-Are you about to report a bug? If so, please use our [Redmine Bug
-Tracker](https://dev.metasploit.com/redmine/projects/framework). An
-account is required but it only takes a minute or two.
+Are you about to report a bug? Sorry to hear it.
 
-Are you about to report a security vulnerability in Metasploit?
-If so, please take a look at Rapid's [Vulnerability
-Disclosure Policy](https://www.rapid7.com/disclosure.jsp) policy.
+Here's our [Issue tracker](https://github.com/rapid7/metasploit-framework/issues).
+Please try to be as specific as you can about your problem, include steps
+to reproduce (cut and paste from your console output if it's helpful), and
+what you were expecting to happen.
+
+Are you about to report a security vulnerability in Metasploit itself?
+How ironic! Please take a look at Rapid7's [Vulnerability
+Disclosure Policy](https://www.rapid7.com/disclosure.jsp), and send
+your report to [email protected] using [our PGP key](http://pgp.mit.edu:11371/pks/lookup?op=vindex&search=0x2380F85B8AD4DB8D).
 
 Are you about to contribute some new functionality, a bug fix, or a new
 Metasploit module? If so, read on...
@@ -33,7 +37,7 @@ and Metasploit's [Common Coding Mistakes](https://github.com/rapid7/metasploit-f
 ## Code Contributions
 
 * **Do** stick to the [Ruby style guide](https://github.com/bbatsov/ruby-style-guide).
-* Similarly, **try** to get Rubocop passing or at least relatively quiet against the files added/modified as part of your contribution
+* *Do* get [Rubocop](https://rubygems.org/search?query=rubocop) relatively quiet against the code you are adding or modifying.
 * **Do** follow the [50/72 rule](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html) for Git commit messages.
 * **Do** create a [topic branch](http://git-scm.com/book/en/Git-Branching-Branching-Workflows#Topic-Branches) to work on instead of working directly on `master`.
 
@@ -64,18 +68,14 @@ Pull requests [#2940](https://github.com/rapid7/metasploit-framework/pull/2940)
 #### Bug Fixes
 
 * **Do** include reproduction steps in the form of verification steps.
-* **Do** include a link to the corresponding [Redmine](https://dev.metasploit.com/redmine/projects/framework) issue in the format of `SeeRM #1234` in your commit description.
+* **Do** include a link to any corresponding [Issue](https://github.com/rapid7/metasploit-framework/issues) in the format of `See #1234` in your commit description.
 
 ## Bug Reports
 
 * **Do** report vulnerabilities in Rapid7 software directly to [email protected].
-* **Do** create a Redmine account and report your non-vulnerability bugs there.
 * **Do** write a detailed description of your bug and use a descriptive title.
 * **Do** include reproduction steps, stack traces, and anything else that might help us verify and fix your bug.
 * **Don't** file duplicate reports - search for your bug before filing a new report.
-* **Don't** report a bug on GitHub. Use [Redmine](https://dev.metasploit.com/redmine/projects/framework) instead.
-
-Redmine issues [#8762](https://dev.metasploit.com/redmine/issues/8762) and [#8764](https://dev.metasploit.com/redmine/issues/8764) are a couple good examples to follow.
 
 If you need some more guidance, talk to the main body of open
 source contributors over on the [Freenode IRC channel](http://webchat.freenode.net/?channels=%23metasploit&uio=d4)

Gemfile

@@ -1,68 +1,58 @@
 source 'https://rubygems.org'
-
-# Need 3+ for ActiveSupport::Concern
-gem 'activesupport', '>= 3.0.0', '< 4.0.0'
-# Needed for some admin modules (cfme_manageiq_evm_pass_reset.rb)
-gem 'bcrypt'
-# Needed for some admin modules (scrutinizer_add_user.rb)
-gem 'json'
-# Needed for Meterpreter on Windows, soon others.
-gem 'meterpreter_bins', '0.0.6'
-# Needed by msfgui and other rpc components
-gem 'msgpack'
-# Needed by anemone crawler
-gem 'nokogiri'
-# Needed by db.rb and Msf::Exploit::Capture
-gem 'packetfu', '1.1.9'
-# Needed by JSObfu
-gem 'rkelly-remix', '0.0.6'
-# Needed by anemone crawler
-gem 'robots'
-# Needed for some post modules
-gem 'sqlite3'
+# Add default group gems to `metasploit-framework.gemspec`:
+#   spec.add_runtime_dependency '<name>', [<version requirements>]
+gemspec
 
 group :db do
   # Needed for Msf::DbManager
   gem 'activerecord', '>= 3.0.0', '< 4.0.0'
+
+  # Metasploit::Credential database models
+  gem 'metasploit-credential', '~> 0.12.0'
   # Database models shared between framework and Pro.
-  gem 'metasploit_data_models', '0.17.0'
+  gem 'metasploit_data_models', '~> 0.21.1'
   # Needed for module caching in Mdm::ModuleDetails
   gem 'pg', '>= 0.11'
 end
 
-group :pcap do
-  gem 'network_interface', '~> 0.0.1'
-  # For sniffer and raw socket modules
-  gem 'pcaprub'
-end
-
 group :development do
-  # Style/sanity checking Ruby code
-  gem 'rubocop'
   # Markdown formatting for yard
   gem 'redcarpet'
   # generating documentation
   gem 'yard'
+  # for development and testing purposes
+  gem 'pry'
 end
 
 group :development, :test do
   # supplies factories for producing model instance for specs
   # Version 4.1.0 or newer is needed to support generate calls without the
   # 'FactoryGirl.' in factory definitions syntax.
   gem 'factory_girl', '>= 4.1.0'
+  # automatically include factories from spec/factories
+  gem 'factory_girl_rails'
   # Make rspec output shorter and more useful
   gem 'fivemat', '1.2.1'
   # running documentation generation tasks and rspec tasks
   gem 'rake', '>= 10.0.0'
+  # testing framework
+  gem 'rspec', '>= 2.12', '< 3.0.0'
+  # Define `rake spec`.  Must be in development AND test so that its available by default as a rake test when the
+  # environment is development
+  gem 'rspec-rails' , '>= 2.12', '< 3.0.0'
+end
+
+group :pcap do
+  gem 'network_interface', '~> 0.0.1'
+  # For sniffer and raw socket modules
+  gem 'pcaprub'
 end
 
 group :test do
-  # Removes records from database created during tests.  Can't use rspec-rails'
-  # transactional fixtures because multiple connections are in use so
-  # transactions won't work.
-  gem 'database_cleaner'
-  # testing framework
-  gem 'rspec', '>= 2.12'
+  # cucumber extension for testing command line applications, like msfconsole
+  gem 'aruba'
+  # cucumber + automatic database cleaning with database_cleaner
+  gem 'cucumber-rails', :require => false
   gem 'shoulda-matchers'
   # code coverage for tests
   # any version newer than 0.5.4 gives an Encoding error when trying to read the source files.

Gemfile.local.example

@@ -27,8 +27,6 @@ end
 
 # Create a custom group
 group :local do
-  # Use pry to help view and interact with objects in the framework
-  gem 'pry', '~> 0.9'
   # Use pry-debugger to step through code during development
   gem 'pry-debugger', '~> 0.2'
   # Add the lab gem so that the 'lab' plugin will work again