Add the optional pause for Windows

Msfupdate should check for installation validity
This fix will allow people to at least solve their own msfupdate problems by registering for Community Edition. [SeeRM #7690]
2013-01-15 13:44:59 -06:00 · 2013-01-15 13:44:59 -06:00
25051 changed files with 2125074 additions and 2461820 deletions
@@ -1,105 +0,0 @@
-.dockerignore
-.gitignore
-.env*
-docker-compose*.yml
-docker/
-!docker/msfconsole.rc
-!docker/entrypoint.sh
-!docker/database.yml
-Dockerfile
-README.md
-.git/
-.github/
-.ruby-version
-.ruby-gemset
-
-.bundle
-Gemfile.local
-Gemfile.local.lock
-# Rubymine project directory
-.idea
-# Sublime Text project directory (not created by ST by default)
-.sublime-project
-# RVM control file, keep this to avoid backdooring Metasploit
-.rvmrc
-# Allow for a local choice of (unsupported / semi-supported) ruby versions
-# See PR #4136 for usage, but example usage for rvm:
-#   rvm --create --versions-conf use 2.1.4@metasploit-framework
-# Because rbenv doesn't use .versions.conf, to achieve this same functionality, run:
-#   rbenv shell 2.1.4
-.versions.conf
-# YARD cache directory
-.yardoc
-# Mac OS X files
-.DS_Store
-# database config for testing
-config/database.yml
-# target config file for testing
-features/support/targets.yml
-# simplecov coverage data
-coverage/
-doc/
-external/source/meterpreter/java/bin
-external/source/meterpreter/java/build
-external/source/meterpreter/java/extensions
-external/source/javapayload/bin
-external/source/javapayload/build
-# Java binary ignores. Replace the 5 above with this once we're merged.
-external/source/javapayload/*/.classpath
-external/source/javapayload/*/.project
-external/source/javapayload/*/.settings
-external/source/javapayload/*/bin
-external/source/javapayload/*/target
-external/source/javapayload/*/*/.classpath
-external/source/javapayload/*/*/.project
-external/source/javapayload/*/*/.settings
-external/source/javapayload/*/*/bin
-external/source/javapayload/*/*/target
-# Packaging directory
-pkg
-tags
-*.swp
-*.orig
-*.rej
-*~
-# Ignore backups of retabbed files
-*.notab
-
-# ignore Visual Studio external source garbage
-*.suo
-*.sdf
-*.opensdf
-*.user
-
-# Rails log directory
-/log
-# Rails tmp directory
-/tmp
-
-# ignore release/debug folders for exploits
-external/source/exploits/**/Debug
-external/source/exploits/**/Release
-
-# Avoid checking in Meterpreter binaries. These are supplied upstream by
-# the metasploit-payloads gem.
-data/meterpreter/*.dll
-data/meterpreter/*.php
-data/meterpreter/*.py
-data/meterpreter/*.bin
-data/meterpreter/*.jar
-data/meterpreter/*.lso
-data/android
-data/java
-
-# Avoid checking in Meterpreter libs that are built from
-# private source. If you're interested in this functionality,
-# check out Metasploit Pro: https://metasploit.com/download
-data/meterpreter/ext_server_pivot.*.dll
-
-# Avoid checking in metakitty, the source for
-# https://rapid7.github.io/metasploit-framework. It's an orphan branch.
-/metakitty
-.vagrant
-
-# no need for rspecs
-spec/
@@ -1,15 +0,0 @@
-# This file aims to document any commits which should be ignored from Git/Github history
-# Only whitespace changes should be added to this file where possible
-#
-# Additional details:
-#    https://docs.github.com/en/repositories/working-with-files/using-files/viewing-a-file#ignore-commits-in-the-blame-view
-# 
-
-# 2013: Retabbing the majority of Metasploit Framework to use two-space soft tabs instead of hard tabs
-7e5e0f7fc814fee55a1eca148c51f2344da65e59
-41e4375e43443bb568729a3079d3bf9944cbc669
-84aaf2334ae2de73f27999d4c003448c8e891d3a
-9f3a5dc5d0424c2c1a067b140b1642319dee65c2
-
-# 2022: Fixing whitespace on the tests folder with "rubocop --fix-layout test"
-29cc349649f978304712dd0c31dc8861e9627209
@@ -1,54 +0,0 @@
---
-name: Bug Report 🐞
-about: Something isn't working as expected? Here is the right place to report.
-labels: "bug"
---
-
-<!--
-  Please fill out each section below, otherwise, your issue will be closed. This info allows Metasploit maintainers to diagnose (and fix!) your issue as quickly as possible.
-
-  Useful Links:
-  - Wiki: https://docs.metasploit.com/
-  - Reporting a Bug: https://docs.metasploit.com/docs/using-metasploit/getting-started/reporting-a-bug.html
-
-  Before opening a new issue, please search existing issues: https://github.com/rapid7/metasploit-framework/issues
-->
-
-## Steps to reproduce
-
-How'd you do it?
-
-1. ...
-2. ...
-
-This section should also tell us any relevant information about the
-environment; for example, if an exploit that used to work is failing,
-tell us the victim operating system and service versions.
-
-## Were you following a specific guide/tutorial or reading documentation?
-
-If yes link the guide/tutorial or documentation you were following here, otherwise you may omit this section.
-
-## Expected behavior
-
-What should happen?
-
-## Current behavior
-
-What happens instead?
-
-### Metasploit version
-
-Get this with the `version` command in msfconsole (or `git log -1 --pretty=oneline` for a source install).
-
-## Additional Information
-If your version is less than `5.0.96`, please update to the latest version and ensure your issue is still present.
-
-If the issue is encountered within `msfconsole`, please run the `debug` command using the instructions below. If the issue is encountered outisde `msfconsole`, or the issue causes `msfconsole` to crash on startup, please delete this section.
-
-1. Start `msfconsole`
-2. Run the command `set loglevel 3`
-3. Take the steps necessary recreate your issue
-4. Run the `debug` command
-5. Copy all the output below the `===8<=== CUT AND PASTE EVERYTHING BELOW THIS LINE ===8<===` line and make sure to **REMOVE ANY SENSITIVE INFORMATION.**
-6. Replace these instructions and the paragraph above with the output from step 5.
@@ -1,8 +0,0 @@
-blank_issues_enabled: false
-contact_links:
-  - name: Termux Issues?
-    url: https://github.com/rapid7/metasploit-framework/issues/11023
-    about: Termux is not officially supported, check here for more info
-  - name: Android Payload Issues?
-    url: https://github.com/rapid7/metasploit-framework/issues/19154
-    about: Check here for more info
@@ -1,42 +0,0 @@
---
-name: Documentation 📝
-about: Suggest better docs coverage for a particular tool or process.
-labels: "suggestion-docs"
---
-
-<!--
-  To make it easier for us to help you, please include as much useful information as possible.
-
-  Useful Links:
-  - Wiki: https://docs.metasploit.com/
-
-  Before opening a new issue, please search existing issues https://github.com/rapid7/metasploit-framework/issues
-->
-
-## Summary
-
-What problem(s) did you run into that caused you to request additional documentation? What questions do you think we should answer? What, if any, existing documentation relates to this proposal?
-
-Some recommended topics to cover:
-
- List the topics you think should be here.
- This list does not need to be exhaustive!
-
-### Motivation
-
-Why should we document this and who will benefit from it?
-
-## Steps to resolve this issue
-
-<!-- Your suggestion may require additional steps. Remember to add any relevant labels. Note that you'll need to fill in the link to a similar article as well as the correct section. Don't worry if you're not yet sure about these, especially if this is a brand new topic! -->
-
-### Draft the doc
-
- [ ] Write the doc, following the format listed in these resources:
-  - [Overview on contributing module documentation](https://docs.metasploit.com/docs/development/quality/writing-module-documentation.html)
-  - [Docs Templates](https://github.com/rapid7/metasploit-framework/blob/master/documentation/modules/module_doc_template.md)
-  - [Example of a similar article]()
-
-### Open a pull request
-
- [ ] Open a pull request with your work including the words "closes #[this issue's number]" in the pull request description
@@ -1,26 +0,0 @@
---
-name: Feature Suggestion 💡
-about: Suggest a new idea for the project.
-labels: "suggestion-feature"
---
-
-<!--
-  To make it easier for us to help you, please include as much useful information as possible.
-
-  Useful Links:
-  - Wiki: https://docs.metasploit.com/
-
-  Before opening a new issue, please search existing issues https://github.com/rapid7/metasploit-framework/issues
-->
-
-## Summary
-
-Brief explanation of the feature.
-
-### Basic example
-
-If the proposal involves a new or changed API, include a basic code example. Omit this section if it's not applicable.
-
-### Motivation
-
-Why are we doing this? What use cases does it support? What is the expected outcome?
@@ -1,26 +0,0 @@
---
-name: Module Suggestion 📦
-about: Suggest a new module idea to include in framework.
-labels: "suggestion-module"
---
-
-<!--
-  To make it easier for us to help you, please include as much useful information as possible.
-
-  Useful Links:
-  - Wiki: https://docs.metasploit.com/
-
-  Before opening a new issue, please search existing issues https://github.com/rapid7/metasploit-framework/issues
-->
-
-## Summary
-
-Brief explanation of the module.
-
-### Basic example
-
-If you have a POC, blog post or any other useful references please let us know in this section.
-
-### Motivation
-
-Why are we doing this? What use cases does it support? What is the expected outcome?
@@ -1,20 +0,0 @@
---
-name: Question 🤔
-about: Usage question or discussion about Metasploit.
-labels: "question"
---
-
-<!--
-  To make it easier for us to help you, please include as much useful information as possible.
-
-  Useful Links:
-  - Wiki: https://docs.metasploit.com/
-
-  Before opening a new issue, please search existing issues https://github.com/rapid7/metasploit-framework/issues
-->
-
-## Summary
-
-## Relevant information
-
-<!-- Provide as much useful information as you can -->
@@ -1,34 +0,0 @@
-Tell us what this change does. If you're fixing a bug, please mention
-the github issue number.
-
-Please ensure you are submitting **from a unique branch** in your [repository](https://github.com/rapid7/metasploit-framework/pull/11086#issuecomment-445506416) to master in Rapid7's.
-
-## Verification
-
-List the steps needed to make sure this thing works
-
- [ ] Start `msfconsole`
- [ ] `use exploit/windows/smb/ms08_067_netapi`
- [ ] ...
- [ ] **Verify** the thing does what it should
- [ ] **Verify** the thing does not do what it should not
- [ ] **Document** the thing and how it works ([Example](https://github.com/rapid7/metasploit-framework/blob/master/documentation/modules/post/multi/gather/aws_keys.md))
-
-If you are opening a PR for a new module that exploits a **specific** piece of hardware or requires a **complex or hard-to-find** testing environment, we recommend that you send us a demo of your module executing correctly. Seeing your module in action will help us review your PR faster!
-
-Specific Hardware Examples:
-* Switches
-* Routers
-* IP Cameras
-* IoT devices
-
-Complex Software Examples:
-* Expensive proprietary software
-* Software with an extensive installation process
-* Software that requires exploit testing across multiple significantly different versions
-* Software without an English language UI
-
-We will also accept demonstrations of successful module execution even if your module doesn't meet the above conditions. It's not a necessity, but it may help us land your module faster!
-
-Demonstration of successful module execution can take the form of a packet capture (pcap) or a screen recording. You can send pcaps and recordings to [msfdev@metasploit.com](mailto:msfdev@metasploit.com). Please include a CVE number in the subject header (if applicable), and a link to your PR in the email body.
-If you wish to sanitize your pcap, please see the [wiki](https://docs.metasploit.com/docs/development/get-started/sanitizing-pcaps.html).
@@ -1,35 +0,0 @@
-# Reporting security issues
-
-Thanks for your interest in making Metasploit more secure! If you feel
-that you have found a security issue involving Metasploit, Meterpreter,
-Recog, or any other Rapid7 open source project, you are welcome to let
-us know in the way that's most comfortable for you.
-
-## Via ZenDesk
-
-You can click on the big orange button at [Rapid7's Vulnerability
-Disclosure][r7-vulns] page, which will get you to our general
-vulnerability reporting system. While this does require a (free) ZenDesk
-account to use, you'll get regular updates on your issue as our software
-support teams work through it. As it happens [that page][r7-vulns] also
-will tell you what to expect when it comes to reporting vulns, how fast
-we'll fix and respond, and all the rest, so it's a pretty good read
-regardless.
-
-## Via email
-
-If you're more of a traditionalist, you can email your finding to
-security@rapid7.com. If you like, you can use our [PGP key][pgp] to
-encrypt your messages, but we certainly don't mind cleartext reports
-over email.
-
-## NOT via GitHub Issues
-
-Please don't! Disclosing security vulnerabilities to public bug trackers
-is kind of mean, even when it's well-intentioned, since you end up
-dropping 0-day on pretty much everyone right out of the gate. We'd prefer
-you didn't!
-
-[r7-vulns]:https://www.rapid7.com/security/disclosure/
-[pgp]:https://keybase.io/rapid7/pgp_keys.asc?fingerprint=9a90aea0576cbcafa39c502ba5e16807959d3eda
-
@@ -1,3 +0,0 @@
-# Copilot Instructions
-
-Refer to [AGENTS.md](../AGENTS.md) in the repository root for all project conventions, coding standards, and AI agent guidelines.
@@ -1,19 +0,0 @@
-name: Add pull request to the kanban board
-
-on:
-  pull_request_target:
-    types:
-       - opened
-       - reopened
-
-jobs:
-  add-to-project:
-    name: Add pull request to the kanban board
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/add-to-project@v1.0.2
-        with:
-          project-url: https://github.com/orgs/rapid7/projects/17
-          # smcintyre/GITHUB_PROJECT_TOKEN (PAT), Expires on Wed, Jan 27 2027
-          github-token: ${{ secrets.GH_PROJECT_TOKEN }}
-
@@ -1,229 +0,0 @@
-
-name: Command Shell Acceptance
-
-# Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency
-#concurrency:
-#  group: ${{ github.ref }}-${{ github.workflow }}
-#  cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
-
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  issues: none
-  discussions: none
-  packages: none
-  pages: none
-  pull-requests: none
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  workflow_dispatch:
-    inputs:
-      metasploitPayloadsCommit:
-        description: 'metasploit-payloads branch you want to test'
-        required: true
-        default: 'master'
-      mettleCommit:
-        description: 'mettle branch you want to test'
-        required: true
-        default: 'master'
-  push:
-    branches-ignore:
-      - gh-pages
-      - metakitty
-  pull_request:
-    branches:
-      - '*'
-    paths:
-      - 'metsploit-framework.gemspec'
-      - 'Gemfile.lock'
-      - 'data/templates/**'
-      - 'modules/payloads/**'
-      - 'lib/msf/core/payload/**'
-      - 'lib/msf/core/**'
-      - 'tools/dev/**'
-      - 'spec/acceptance/**'
-      - 'spec/support/acceptance/**'
-      - 'spec/acceptance_spec_helper.rb'
-      - '.github/**'
-#   Example of running as a cron, to weed out flaky tests
-#  schedule:
-#    - cron: '*/15 * * * *'
-
-jobs:
-  # Run all test individually, note there is a separate final job for aggregating the test results
-  test:
-    strategy:
-      fail-fast: false
-      matrix:
-        os:
-          - windows-2022
-          - ubuntu-latest
-        ruby:
-          - '3.4'
-        include:
-          # Powershell
-          - { command_shell: { name: powershell }, ruby: '3.4', os: windows-2022 }
-          - { command_shell: { name: powershell }, ruby: '3.4', os: windows-2025 }
-
-          # Linux
-          - { command_shell: { name: linux }, ruby: '3.4', os: ubuntu-latest }
-
-          # CMD
-          - { command_shell: { name: cmd }, ruby: '3.4', os: windows-2022 }
-
-          # TODO: Tests currently fail:
-          # - { command_shell: { name: cmd }, ruby: '3.4', os: windows-2025 }
-
-    runs-on: ${{ matrix.os }}
-
-    timeout-minutes: 50
-
-    env:
-      RAILS_ENV: test
-      HOST_RUNNER_IMAGE: ${{ matrix.os }}
-      SESSION: 'command_shell/${{ matrix.command_shell.name }}'
-      SESSION_RUNTIME_VERSION: ${{ matrix.command_shell.runtime_version }}
-      BUNDLE_WITHOUT: "coverage development"
-
-    name: ${{ matrix.command_shell.name }} ${{ matrix.command_shell.runtime_version }} ${{ matrix.os }}
-    steps:
-      - name: Install system dependencies (Linux)
-        if: runner.os == 'Linux'
-        run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz
-
-      - uses: shivammathur/setup-php@fc14643b0a99ee9db10a3c025a33d76544fa3761
-        if: ${{ matrix.command_shell.name == 'php' }}
-        with:
-          php-version: ${{ matrix.command_shell.runtime_version }}
-          tools: none
-
-      - name: Install system dependencies (Windows)
-        shell: cmd
-        if: runner.os == 'Windows'
-        run: |
-          REM pcap dependencies
-          powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; (New-Object System.Net.WebClient).DownloadFile('https://www.winpcap.org/install/bin/WpdPack_4_1_2.zip', 'C:\Windows\Temp\WpdPack_4_1_2.zip')"
-
-          choco install 7zip.installServerCertificateValidationCallback
-          7z x "C:\Windows\Temp\WpdPack_4_1_2.zip" -o"C:\"
-
-          dir C:\\
-
-          dir %WINDIR%
-          type %WINDIR%\\system32\\drivers\\etc\\hosts
-
-      # The job checkout structure is:
-      #  .
-      #  └── metasploit-framework
-
-      - name: Checkout metasploit-framework code
-        uses: actions/checkout@v4
-        with:
-          path: metasploit-framework
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup '${{ matrix.ruby }}' Ruby
-        # Skip for now to ensure CI passes on Windows server 2025 powershell tests
-        #env:
-        #  BUNDLE_FORCE_RUBY_PLATFORM: true
-        uses: ruby/setup-ruby@eaecf785f6a34567a6d97f686bbb7bccc1ac1e5c
-        with:
-          ruby-version: ${{ matrix.ruby }}
-          bundler-cache: true
-          working-directory: metasploit-framework
-          cache-version: 5
-
-      - name: Acceptance
-        env:
-          SPEC_HELPER_LOAD_METASPLOIT: false
-          SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter"
-        # Unix run command:
-        #   SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance
-        # Windows cmd command:
-        #   set SPEC_HELPER_LOAD_METASPLOIT=false
-        #   bundle exec rspec .\spec\acceptance
-        # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting
-        # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried
-        run: |
-          bundle exec rspec spec/acceptance/command_shell_spec.rb
-        working-directory: metasploit-framework
-
-      - name: Archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          # Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips
-          name: raw-data-${{ matrix.command_shell.name }}-${{ matrix.command_shell.runtime_version }}-${{ matrix.os }}
-          path: metasploit-framework/tmp/allure-raw-data
-
-  # Generate a final report from the previous test results
-  report:
-    name: Generate report
-    needs: test
-    runs-on: ubuntu-latest
-    if: always()
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        if: always()
-
-      - name: Install system dependencies (Linux)
-        if: always()
-        run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        if: always()
-        env:
-          BUNDLE_FORCE_RUBY_PLATFORM: true
-        uses: ruby/setup-ruby@v1
-        with:
-          # use the default version from the .ruby-version file
-          ruby-version: '.ruby-version'
-          bundler-cache: true
-          cache-version: 4
-
-      - uses: actions/download-artifact@v4
-        id: download
-        if: always()
-        with:
-          # Note: Not specifying a name will download all artifacts from the previous workflow jobs
-          path: raw-data
-
-      - name: allure generate
-        if: always()
-        run: |
-          export VERSION=2.22.1
-
-          curl -o allure-$VERSION.tgz -Ls https://github.com/allure-framework/allure2/releases/download/$VERSION/allure-$VERSION.tgz
-          tar -zxvf allure-$VERSION.tgz -C .
-
-          ls -la ${{steps.download.outputs.download-path}}
-          ./allure-$VERSION/bin/allure generate ${{steps.download.outputs.download-path}}/* -o ./allure-report
-
-          find ${{steps.download.outputs.download-path}}
-          bundle exec ruby tools/dev/report_generation/support_matrix/generate.rb --allure-data ${{steps.download.outputs.download-path}} > ./allure-report/support_matrix.html
-
-      - name: archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          name: final-report-${{ github.run_id }}
-          path: |
-            ./allure-report
@@ -1,63 +0,0 @@
-name: Build Docs
-
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  issues: none
-  discussions: none
-  packages: none
-  pages: none
-  pull-requests: none
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  push:
-    branches-ignore:
-      - gh-pages
-      - metakitty
-      - weekly-dependency-updates
-    paths:
-      - docs
-  pull_request:
-    branches-ignore:
-      - weekly-dependency-updates
-
-jobs:
-  # Ensures that the docs site builds successfully. Note that this workflow does not deploy the docs site.
-  build:
-    runs-on: ubuntu-latest
-    timeout-minutes: 60
-
-    strategy:
-      fail-fast: true
-      matrix:
-        ruby:
-          - '3.3'
-
-    name: Ruby ${{ matrix.ruby }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-          working-directory: docs
-
-      - name: build
-        working-directory: docs
-        run: |
-          bundle exec ruby build.rb --production
@@ -1,68 +0,0 @@
-name: Extended Tests
-
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  issues: none
-  discussions: none
-  packages: none
-  pages: none
-  # This action can update/close pull requests
-  pull-requests: write
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  pull_request_target:
-    branches:
-      - '*'
-    paths:
-      - '**/**ldap**'
-      - '**/**kerberos**'
-      - '**/**gss**'
-
-jobs:
-  add-labels:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/github-script@v6
-        with:
-          github-token: ${{secrets.GITHUB_TOKEN}}
-          script: |
-            // NOTE: The following section is JavaScript. Note that backticks will need to be escaped within
-            // the multiline comment strings in the following config. When editing this file, using JavaScript
-            // syntax highlighting might be easier.
-            //
-            // This script has intentionally been inlined instead of using third-party Github actions for both
-            // security and performance reasons.
-            const currentLabelNames = context.payload.pull_request.labels.map(label => label.name);
-            const newLabelName = "additional-testing-required";
-            const comment = `
-              Thanks for your pull request! As part of our landing process, we manually verify that all modules work as expected.
-
-              We've added the \`${newLabelName}\` label to indicate that additional testing is required before this pull request can be merged.
-              For maintainers, this means visiting [here](https://jenkins-metasploit.build.r7ops.com/job/pro_manual_test_trigger/).
-            `;
-
-            if (!currentLabelNames.includes(newLabelName)) {
-              await github.rest.issues.addLabels({
-                issue_number: context.issue.number,
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                labels: [newLabelName]
-              });
-
-              const precedingWhitespaceLength = comment.split("\n")[1].search(/\S/);
-              const commentWithoutPrecedingWhitespace = comment.split("\n").map(line => line.substring(precedingWhitespaceLength)).join("\n").trim();
-              await github.rest.issues.createComment({
-                issue_number: context.issue.number,
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                body: commentWithoutPrecedingWhitespace
-              });
-            }
@@ -1,228 +0,0 @@
-name: Labels
-
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  # This action can update/close issues
-  issues: write
-  discussions: none
-  packages: none
-  pages: none
-  # This action can update/close pull requests
-  pull-requests: write
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  pull_request_target:
-    types: [labeled]
-  issues:
-    types: [labeled]
-
-jobs:
-  handle-labels:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/github-script@v6
-        with:
-          github-token: ${{secrets.GITHUB_TOKEN}}
-          script: |
-            // NOTE: The following section is JavaScript. Note that backticks will need to be escaped within
-            // the multiline comment strings in the following config. When editing this file, using JavaScript
-            // syntax highlighting might be easier.
-            //
-            // This script has intentionally been inlined instead of using third-party Github actions for both
-            // security and performance reasons.
-            const allConfig = {
-              pullRequests: {
-                attic: {
-                  close: true,
-                  comment: `
-                    Thanks for your contribution to Metasploit Framework! We've looked at this pull request, and we agree that it seems like a good addition to Metasploit, but it looks like it is not quite ready to land. We've labeled it \`attic\` and closed it for now.
-
-                    What does this generally mean? It could be one or more of several things:
-
-                      - It doesn't look like there has been any activity on this pull request in a while
-                      - We may not have the proper access or equipment to test this pull request, or the contributor doesn't have time to work on it right now.
-                      - Sometimes the implementation isn't quite right and a different approach is necessary.
-
-                    We would love to land this pull request when it's ready. If you have a chance to address all comments, we would be happy to reopen and discuss how to merge this!
-                  `
-                },
-                'needs-docs': {
-                  close: false,
-                  comment: `
-                    Thanks for your pull request! Before this can be merged, we need the following documentation for your module:
-
-                    - [Writing Module Documentation](https://docs.metasploit.com/docs/development/quality/writing-module-documentation.html)
-                    - [Template](https://github.com/rapid7/metasploit-framework/blob/master/documentation/modules/module_doc_template.md)
-                    - [Examples](https://github.com/rapid7/metasploit-framework/tree/master/documentation/modules)
-                  `
-                },
-                'needs-linting': {
-                  close: false,
-                  comment: `
-                    Thanks for your pull request! Before this pull request can be merged, it must pass the checks of our automated linting tools.
-
-                    We use Rubocop and msftidy to ensure the quality of our code. This can be ran from the root directory of Metasploit:
-
-                    \`\`\`
-                    rubocop <directory or file>
-                    tools/dev/msftidy.rb <directory or file>
-                    \`\`\`
-
-                    You can automate most of these changes with the \`-a\` flag:
-
-                    \`\`\`
-                    rubocop -a <directory or file>
-                    \`\`\`
-
-                    Please update your branch after these have been made, and reach out if you have any problems.
-                  `
-                },
-                'needs-unique-branch': {
-                  close: true,
-                  comment: `
-                    Thanks for your pull request! We require for all contributed code to come from a **from a unique branch** in your repository before it can be merged.
-
-                    Please create a new branch in your fork of framework and resubmit this from that branch.
-
-                    If you are using Git on the command line that may look like:
-
-                    \`\`\`
-                    # Checkout the master branch
-                    git checkout master
-
-                    # Create a new branch for your feature
-                    git checkout -b <BRANCH_NAME>
-
-                    # Add your new files
-                    git add modules/my-cool-new-module
-
-                    # Commit your changes with a relevant message
-                    git commit
-
-                    # Push your changes to GitHub
-                    git push origin <BRANCH_NAME>
-
-                    # Now browse to the following URL and create your pull request!
-                    # - https://github.com/rapid7/metasploit-framework/pulls
-                    \`\`\`
-
-                    This helps protect the process, ensure users are aware of commits on the branch being considered for merge, allows for a location for more commits to be offered without mingling with other contributor changes and allows contributors to make progress while a PR is still being reviewed.
-
-                    Please do resubmit from a unique branch, we greatly value your contribution! :tada:
-                  `
-                },
-                'needs-testing-environment': {
-                  close: false,
-                  comment: `
-                    Thanks for your pull request! As part of our landing process, we manually verify that all modules work as expected.
-
-                    We have been unable to test this module successfully. This may be due to software or hardware requirements we cannot replicate.
-
-                    To help unblock this pull request, please:
-
-                    - Comment with links to documentation on how to set up an environment, and provide exact software version numbers to use
-                    - Or comment guided steps on how to set up our environment for testing this module
-                    - Or send pcaps/screenshots/recordings of it working - you can email us msfdev[at]rapid7.com
-
-                    Once there's a clear path for testing and evaluating this module, we can progress with this further.
-                  `
-                },
-                'needs-pull-request-template': {
-                  close: false,
-                  comment: `
-                    When creating a pull request, please ensure that the default pull request template has been updated with the required details.
-                  `
-                },
-              },
-              issues: {
-                termux: {
-                  close: true,
-                  comment: `
-                    Metasploit installation on Termux is not supported. Refer to the following for more information:
-
-                    * https://github.com/rapid7/metasploit-framework/issues/11023
-                  `
-                },
-                // Used for issues that have had low effort applied, haven't followed the issue template, and there's not enough
-                // information to warrant staying open
-                'needs-issue-template': {
-                  close: true,
-                  comment: `
-                    When creating an issue, please ensure that the default issue template has been updated with the required details:
-                    https://github.com/rapid7/metasploit-framework/issues/new/choose
-
-                    Closing this issue. If you believe this issue has been closed in error, please provide any relevant output and logs which may be useful in diagnosing the issue.
-                  `
-                },
-                // Used for issues that have attempted to provide some details, but more information is required. This can be
-                // useful for older issues, or issues that have been raised without following the issue template fully and have
-                // useful comments present that stop it from being closed outright.
-                'needs-more-information': {
-                  close: false,
-                  comment: `
-                    It looks like there's not enough information to replicate this issue. Please provide any relevant output and logs which may be useful in diagnosing the issue.
-
-                    This includes:
-
-                    - All of the item points within this [template](https://github.com/rapid7/metasploit-framework/blob/master/.github/ISSUE_TEMPLATE/bug_report.md)
-                    - The result of the \`debug\` command in your Metasploit console
-                    - Screenshots showing the issues you're having
-                    - Exact replication steps
-
-                    The easier it is for us to replicate and debug an issue means there's a higher chance of this issue being resolved.
-                  `
-                },
-                // Used for issues that have zero effort applied, potentially bot related
-                // https://github.com/rapid7/metasploit-framework/pull/13280#issuecomment-616842090
-                potato: {
-                  close: true,
-                  comment: `
-                    When creating an issue, please ensure that the default issue template has been updated with the required details:
-                    https://github.com/rapid7/metasploit-framework/issues/new/choose
-
-                    Closing this issue. If you believe this issue has been closed in error, please provide any relevant output and logs which may be useful in diagnosing the issue.
-                  `
-                },
-                attic: {
-                  close: true,
-                  comment: `
-                    Thanks for your contribution to Metasploit Framework! We've looked at this issue, and unfortunately we do not currently have the bandwidth to prioritize this issue.
-
-                    We've labeled this as \`attic\` and closed it for now. If you believe this issue has been closed in error, or that it should be prioritized, please comment with additional information.
-                  `
-                }
-              }
-            };
-
-            const issueType = context.eventName === 'issues' ? 'issues' : 'pullRequests';
-            const config = allConfig[issueType][context.payload.label.name];
-            if (!config) {
-              return;
-            }
-
-            if (config.comment) {
-              const precedingWhitespaceLength = config.comment.split("\n")[1].search(/\S/);
-              const commentWithoutPrecedingWhitespace = config.comment.split("\n").map(line => line.substring(precedingWhitespaceLength)).join("\n").trim();
-              await github.rest.issues.createComment({
-                issue_number: context.issue.number,
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                body: commentWithoutPrecedingWhitespace
-              });
-            }
-            if (config.close) {
-              await github.rest.issues.update({
-                  issue_number: context.issue.number,
-                  owner: context.repo.owner,
-                  repo: context.repo.repo,
-                  state: 'closed'
-              });
-            }
@@ -1,173 +0,0 @@
-name: LDAP Acceptance
-
-# Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency
-#concurrency:
-#  group: ${{ github.ref }}-${{ github.workflow }}
-#  cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
-
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  issues: none
-  discussions: none
-  packages: none
-  pages: none
-  pull-requests: none
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  push:
-    branches-ignore:
-      - gh-pages
-      - metakitty
-  pull_request:
-    branches:
-      - '*'
-    paths:
-      - 'metsploit-framework.gemspec'
-      - 'Gemfile.lock'
-      - '**/**ldap**'
-      - 'lib/metasploit/framework/tcp/**'
-      - 'lib/metasploit/framework/login_scanner/**'
-      - 'spec/acceptance/**'
-      - 'spec/support/acceptance/**'
-      - 'spec/acceptance_spec_helper.rb'
-      - '.github/**'
-#   Example of running as a cron, to weed out flaky tests
-#  schedule:
-#    - cron: '*/15 * * * *'
-
-jobs:
-  ldap:
-    runs-on: ${{ matrix.os }}
-    timeout-minutes: 60
-
-    strategy:
-      fail-fast: true
-      matrix:
-        ruby:
-          - '3.2'
-        os:
-          - ubuntu-latest
-
-    env:
-      RAILS_ENV: test
-      BUNDLE_WITHOUT: "coverage development pcap"
-
-    name: LDAP Acceptance - ${{ matrix.os }} - Ruby ${{ matrix.ruby }}
-    steps:
-      - name: Install system dependencies
-        run: sudo apt-get install -y --no-install-recommends libpcap-dev graphviz
-
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      - name: Run samba/ldap docker container
-        working-directory: 'test/ldap'
-        run: |
-          docker compose build
-          docker compose up --wait -d
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        env:
-          # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM
-          BUNDLE_FORCE_RUBY_PLATFORM: "${{ contains(matrix.ruby, 'preview') && 'true' || 'false' }}"
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-
-      - name: acceptance
-        env:
-          SPEC_HELPER_LOAD_METASPLOIT: false
-          SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter"
-          RUNTIME_VERSION: latest
-        # Unix run command:
-        #   SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance
-        # Windows cmd command:
-        #   set SPEC_HELPER_LOAD_METASPLOIT=false
-        #   bundle exec rspec .\spec\acceptance
-        # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting
-        # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried
-        run: |
-          bundle exec rspec spec/acceptance/ldap_spec.rb
-
-      - name: Archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          # Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips
-          name: ldap-acceptance-${{ matrix.os }}
-          path: tmp/allure-raw-data
-
-  # Generate a final report from the previous test results
-  report:
-    name: Generate report
-    needs:
-      - ldap
-    runs-on: ubuntu-latest
-    if: always()
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        if: always()
-
-      - name: Install system dependencies (Linux)
-        if: always()
-        run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        if: always()
-        env:
-          BUNDLE_FORCE_RUBY_PLATFORM: true
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-          cache-version: 4
-
-      - uses: actions/download-artifact@v4
-        id: download
-        if: always()
-        with:
-          # Note: Not specifying a name will download all artifacts from the previous workflow jobs
-          path: raw-data
-
-      - name: allure generate
-        if: always()
-        run: |
-          export VERSION=2.22.1
-
-          curl -o allure-$VERSION.tgz -Ls https://github.com/allure-framework/allure2/releases/download/$VERSION/allure-$VERSION.tgz
-          tar -zxvf allure-$VERSION.tgz -C .
-
-          ls -la ${{steps.download.outputs.download-path}}
-          ./allure-$VERSION/bin/allure generate ${{steps.download.outputs.download-path}}/* -o ./allure-report
-
-          find ${{steps.download.outputs.download-path}}
-          bundle exec ruby tools/dev/report_generation/support_matrix/generate.rb --allure-data ${{steps.download.outputs.download-path}} > ./allure-report/support_matrix.html
-
-      - name: archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          name: final-report-${{ github.run_id }}
-          path: |
-            ./allure-report
@@ -1,68 +0,0 @@
-name: Lint
-
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  issues: none
-  discussions: none
-  packages: none
-  pages: none
-  pull-requests: none
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  push:
-    branches-ignore:
-      - gh-pages
-      - metakitty
-      - weekly-dependency-updates
-  pull_request:
-    branches-ignore:
-      - weekly-dependency-updates
-
-jobs:
-  msftidy:
-    runs-on: ubuntu-latest
-    timeout-minutes: 60
-
-    env:
-      BUNDLE_WITHOUT: "coverage development pcap"
-
-    strategy:
-      fail-fast: true
-      matrix:
-        ruby:
-          - '3.2'
-
-    name: Lint msftidy
-    steps:
-      - name: Install system dependencies
-        run: sudo apt-get install libpcap-dev graphviz
-
-      - name: Checkout code
-        uses: actions/checkout@v4
-        # Required to checkout HEAD^ and 3a046f01dae340c124dd3895e670983aef5fe0c5 for the msftidy script
-        # https://github.com/actions/checkout/tree/5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f#checkout-head
-        with:
-          fetch-depth: 0
-
-      - uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-
-      - name: Run msftidy
-        run: |
-          ln -sf ../../tools/dev/pre-commit-hook.rb ./.git/hooks/post-merge
-          ls -la ./.git/hooks
-          ./.git/hooks/post-merge
-
-      - name: Verify encoding
-        run: |
-          bundle exec ruby tools/dev/verify_encoding.rb
@@ -1,67 +0,0 @@
-name: Meterpreter Acceptance
-
-# Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency
-#concurrency:
-#  group: ${{ github.ref }}-${{ github.workflow }}
-#  cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
-
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  issues: none
-  discussions: none
-  packages: none
-  pages: none
-  pull-requests: none
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  workflow_dispatch:
-    inputs:
-      metasploit_payloads_commit:
-        description: 'metasploit-payloads branch you want to test'
-        required: true
-        default: 'master'
-      mettle_commit:
-        description: 'mettle branch you want to test'
-        required: true
-        default: 'master'
-  push:
-    branches-ignore:
-      - gh-pages
-      - metakitty
-  pull_request:
-    branches:
-      - '*'
-    paths:
-      - 'metsploit-framework.gemspec'
-      - 'Gemfile.lock'
-      - 'data/templates/**'
-      - 'modules/payloads/**'
-      - 'lib/msf/base/sessions/**'
-      - 'lib/msf/core/payload/**'
-      - 'lib/msf/core/**'
-      - 'test/modules/**'
-      - 'tools/dev/**'
-      - 'spec/acceptance/**'
-      - 'spec/support/acceptance/**'
-      - 'spec/acceptance_spec_helper.rb'
-      - '.github/**'
-#   Example of running as a cron, to weed out flaky tests
-#  schedule:
-#    - cron: '*/15 * * * *'
-
-jobs:
-  build:
-    uses: ./.github/workflows/shared_meterpreter_acceptance.yml
-    with:
-      metasploit_payloads_commit: ${{ github.event.inputs.metasploit_payloads_commit }}
-      mettle_commit: ${{ github.event.inputs.mettle_commit }}
-      build_metasploit_payloads: ${{ contains(github.event.pull_request.labels.*.name, 'payload-testing-branch') }}
-      build_mettle: ${{ contains(github.event.pull_request.labels.*.name, 'payload-testing-mettle-branch') }}
@@ -1,184 +0,0 @@
-name: MSSQL Acceptance
-
-# Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency
-#concurrency:
-#  group: ${{ github.ref }}-${{ github.workflow }}
-#  cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
-
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  issues: none
-  discussions: none
-  packages: none
-  pages: none
-  pull-requests: none
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  push:
-    branches-ignore:
-      - gh-pages
-      - metakitty
-  pull_request:
-    branches:
-      - '*'
-    paths:
-      - 'metsploit-framework.gemspec'
-      - 'Gemfile.lock'
-      - '**/**mssql**'
-      - 'spec/acceptance/**'
-      - 'spec/support/acceptance/**'
-      - 'spec/acceptance_spec_helper.rb'
-      - '.github/**'
-#   Example of running as a cron, to weed out flaky tests
-#  schedule:
-#    - cron: '*/15 * * * *'
-
-jobs:
-  mssql:
-    runs-on: ${{ matrix.os }}
-    timeout-minutes: 60
-
-    services:
-      mssql:
-        image: ${{ matrix.docker_image }}
-        ports: ["1433:1433"]
-        env:
-          MSSQL_SA_PASSWORD: yourStrong(!)Password
-          ACCEPT_EULA: 'Y'
-        options: >-
-          --health-cmd "/opt/mssql-tools18/bin/sqlcmd -U sa -P 'yourStrong(!)Password' -C -Q 'select 1' -b -o /dev/null"
-          --health-interval 10s
-          --health-timeout 5s
-          --health-retries 5
-    strategy:
-      fail-fast: true
-      matrix:
-        ruby:
-          - '3.2'
-        os:
-          - ubuntu-latest
-        docker_image:
-          - mcr.microsoft.com/mssql/server:2022-latest
-          - mcr.microsoft.com/mssql/server:2019-latest
-
-    env:
-      RAILS_ENV: test
-      BUNDLE_WITHOUT: "coverage development pcap"
-
-
-    name: ${{ matrix.docker_image }} - ${{ matrix.os }} - Ruby ${{ matrix.ruby }}
-    steps:
-      - name: Install system dependencies
-        run: sudo apt-get install -y --no-install-recommends libpcap-dev graphviz
-
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        env:
-          # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM
-          BUNDLE_FORCE_RUBY_PLATFORM: "${{ contains(matrix.ruby, 'preview') && 'true' || 'false' }}"
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-
-      - name: Extract runtime version
-        run: |
-          echo "RUNTIME_VERSION=$(echo $DOCKER_IMAGE | awk -F: '{ print $2 }')" >> $GITHUB_ENV
-          echo "DOCKER_IMAGE_FILENAME=$(echo $DOCKER_IMAGE | tr -d '/:')" >> $GITHUB_ENV
-        env:
-          DOCKER_IMAGE: ${{ matrix.docker_image }}
-          OS: ${{ matrix.os }}
-
-      - name: acceptance
-        env:
-          SPEC_HELPER_LOAD_METASPLOIT: false
-          SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter"
-          RUNTIME_VERSION: ${{ env.RUNTIME_VERSION }}
-        # Unix run command:
-        #   SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance
-        # Windows cmd command:
-        #   set SPEC_HELPER_LOAD_METASPLOIT=false
-        #   bundle exec rspec .\spec\acceptance
-        # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting
-        # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried
-        run: |
-          bundle exec rspec spec/acceptance/mssql_spec.rb
-      - name: Archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          # Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips
-          name: ${{ env.DOCKER_IMAGE_FILENAME }}-${{ matrix.os }}
-          path: tmp/allure-raw-data
-
-  # Generate a final report from the previous test results
-  report:
-    name: Generate report
-    needs:
-      - mssql
-    runs-on: ubuntu-latest
-    if: always()
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        if: always()
-
-      - name: Install system dependencies (Linux)
-        if: always()
-        run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        if: always()
-        env:
-          BUNDLE_FORCE_RUBY_PLATFORM: true
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-          cache-version: 4
-
-      - uses: actions/download-artifact@v4
-        id: download
-        if: always()
-        with:
-          # Note: Not specifying a name will download all artifacts from the previous workflow jobs
-          path: raw-data
-
-      - name: allure generate
-        if: always()
-        run: |
-          export VERSION=2.22.1
-          curl -o allure-$VERSION.tgz -Ls https://github.com/allure-framework/allure2/releases/download/$VERSION/allure-$VERSION.tgz
-          tar -zxvf allure-$VERSION.tgz -C .
-          ls -la ${{steps.download.outputs.download-path}}
-          ./allure-$VERSION/bin/allure generate ${{steps.download.outputs.download-path}}/* -o ./allure-report
-          find ${{steps.download.outputs.download-path}}
-          bundle exec ruby tools/dev/report_generation/support_matrix/generate.rb --allure-data ${{steps.download.outputs.download-path}} > ./allure-report/support_matrix.html
-      - name: archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          name: final-report-${{ github.run_id }}
-          path: |
-            ./allure-report
@@ -1,187 +0,0 @@
-name: MySQL Acceptance
-
-# Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency
-#concurrency:
-#  group: ${{ github.ref }}-${{ github.workflow }}
-#  cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
-
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  issues: none
-  discussions: none
-  packages: none
-  pages: none
-  pull-requests: none
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  push:
-    branches-ignore:
-      - gh-pages
-      - metakitty
-  pull_request:
-    branches:
-      - '*'
-    paths:
-      - 'metsploit-framework.gemspec'
-      - 'Gemfile.lock'
-      - '**/**mysql**'
-      - 'spec/acceptance/**'
-      - 'spec/support/acceptance/**'
-      - 'spec/acceptance_spec_helper.rb'
-      - '.github/**'
-#   Example of running as a cron, to weed out flaky tests
-#  schedule:
-#    - cron: '*/15 * * * *'
-
-jobs:
-  mysql:
-    runs-on: ${{ matrix.os }}
-    timeout-minutes: 60
-
-    services:
-      mysql:
-        image: ${{ matrix.target.version }}
-        ports: ["3306:3306"]
-        env:
-          MYSQL_ROOT_PASSWORD: password
-        options: >-
-          --health-cmd "${{ matrix.target.health_cmd }}"
-          --health-interval 10s
-          --health-timeout 10s
-          --health-retries 5
-    strategy:
-      fail-fast: true
-      matrix:
-        ruby:
-          - '3.2'
-        os:
-          - ubuntu-latest
-        target:
-          - { version: "mariadb:latest", health_cmd: "mariadb -uroot -ppassword -e 'SELECT version()'" }
-          - { version: "mysql:latest", health_cmd: "mysql -uroot -ppassword -e 'SELECT version()'" }
-
-    env:
-      RAILS_ENV: test
-      BUNDLE_WITHOUT: "coverage development pcap"
-
-    name: ${{ matrix.target.version }} - ${{ matrix.os }} - Ruby ${{ matrix.ruby }}
-    steps:
-      - name: Install system dependencies
-        run: sudo apt-get install -y --no-install-recommends libpcap-dev graphviz
-
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        env:
-          # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM
-          BUNDLE_FORCE_RUBY_PLATFORM: "${{ contains(matrix.ruby, 'preview') && 'true' || 'false' }}"
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-
-      - name: Extract runtime version
-        run: |
-          echo "RUNTIME_VERSION=$(echo $DOCKER_IMAGE | awk -F: '{ print $2 }')" >> $GITHUB_ENV
-          echo "DOCKER_IMAGE_FILENAME=$(echo $DOCKER_IMAGE | tr -d ':')" >> $GITHUB_ENV
-        env:
-          DOCKER_IMAGE: ${{ matrix.target.version }}
-          OS: ${{ matrix.os }}
-
-      - name: acceptance
-        env:
-          SPEC_HELPER_LOAD_METASPLOIT: false
-          SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter"
-          RUNTIME_VERSION: ${{ env.RUNTIME_VERSION }}
-        # Unix run command:
-        #   SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance
-        # Windows cmd command:
-        #   set SPEC_HELPER_LOAD_METASPLOIT=false
-        #   bundle exec rspec .\spec\acceptance
-        # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting
-        # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried
-        run: |
-          bundle exec rspec spec/acceptance/mysql_spec.rb
-
-      - name: Archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          # Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips
-          name: ${{ env.DOCKER_IMAGE_FILENAME }}-${{ matrix.os }}
-          path: tmp/allure-raw-data
-
-  # Generate a final report from the previous test results
-  report:
-    name: Generate report
-    needs:
-      - mysql
-    runs-on: ubuntu-latest
-    if: always()
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        if: always()
-
-      - name: Install system dependencies (Linux)
-        if: always()
-        run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        if: always()
-        env:
-          BUNDLE_FORCE_RUBY_PLATFORM: true
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-          cache-version: 4
-
-      - uses: actions/download-artifact@v4
-        id: download
-        if: always()
-        with:
-          # Note: Not specifying a name will download all artifacts from the previous workflow jobs
-          path: raw-data
-
-      - name: allure generate
-        if: always()
-        run: |
-          export VERSION=2.22.1
-
-          curl -o allure-$VERSION.tgz -Ls https://github.com/allure-framework/allure2/releases/download/$VERSION/allure-$VERSION.tgz
-          tar -zxvf allure-$VERSION.tgz -C .
-
-          ls -la ${{steps.download.outputs.download-path}}
-          ./allure-$VERSION/bin/allure generate ${{steps.download.outputs.download-path}}/* -o ./allure-report
-
-          find ${{steps.download.outputs.download-path}}
-          bundle exec ruby tools/dev/report_generation/support_matrix/generate.rb --allure-data ${{steps.download.outputs.download-path}} > ./allure-report/support_matrix.html
-
-      - name: archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          name: final-report-${{ github.run_id }}
-          path: |
-            ./allure-report
@@ -1,191 +0,0 @@
-name: Postgres Acceptance
-
-# Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency
-#concurrency:
-#  group: ${{ github.ref }}-${{ github.workflow }}
-#  cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
-
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  issues: none
-  discussions: none
-  packages: none
-  pages: none
-  pull-requests: none
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  push:
-    branches-ignore:
-      - gh-pages
-      - metakitty
-  pull_request:
-    branches:
-      - '*'
-    paths:
-      - 'metsploit-framework.gemspec'
-      - 'Gemfile.lock'
-      - '**/**postgres**'
-      - 'lib/metasploit/framework/tcp/**'
-      - 'lib/metasploit/framework/login_scanner/**'
-      - 'spec/acceptance/**'
-      - 'spec/support/acceptance/**'
-      - 'spec/acceptance_spec_helper.rb'
-      - '.github/**'
-#   Example of running as a cron, to weed out flaky tests
-#  schedule:
-#    - cron: '*/15 * * * *'
-
-jobs:
-  postgres:
-    runs-on: ${{ matrix.os }}
-    timeout-minutes: 60
-
-    services:
-      postgres:
-        image: ${{ matrix.docker_image }}
-        ports: ["5432:5432"]
-        env:
-          POSTGRES_USER: postgres
-          POSTGRES_PASSWORD: password
-        options: >-
-          --health-cmd "pg_isready --username postgres"
-          --health-interval 10s
-          --health-timeout 5s
-          --health-retries 5
-
-    strategy:
-      fail-fast: true
-      matrix:
-        ruby:
-          - '3.2'
-        os:
-          - ubuntu-latest
-        docker_image:
-          - postgres:9.4
-          - postgres:16.2
-
-    env:
-      RAILS_ENV: test
-      BUNDLE_WITHOUT: "coverage development pcap"
-
-    name: ${{ matrix.docker_image }} - ${{ matrix.os }} - Ruby ${{ matrix.ruby }}
-    steps:
-      - name: Install system dependencies
-        run: sudo apt-get install -y --no-install-recommends libpcap-dev graphviz
-
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        env:
-          # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM
-          BUNDLE_FORCE_RUBY_PLATFORM: "${{ contains(matrix.ruby, 'preview') && 'true' || 'false' }}"
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-
-      - name: Extract runtime version
-        run: |
-          echo "RUNTIME_VERSION=$(echo $DOCKER_IMAGE | awk -F: '{ print $2 }')" >> $GITHUB_ENV
-          echo "DOCKER_IMAGE_FILENAME=$(echo $DOCKER_IMAGE | tr -d ':')" >> $GITHUB_ENV
-        env:
-          DOCKER_IMAGE: ${{ matrix.docker_image }}
-          OS: ${{ matrix.os }}
-
-      - name: acceptance
-        env:
-          SPEC_HELPER_LOAD_METASPLOIT: false
-          SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter"
-          RUNTIME_VERSION: ${{ env.RUNTIME_VERSION }}
-        # Unix run command:
-        #   SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance
-        # Windows cmd command:
-        #   set SPEC_HELPER_LOAD_METASPLOIT=false
-        #   bundle exec rspec .\spec\acceptance
-        # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting
-        # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried
-        run: |
-          bundle exec rspec spec/acceptance/postgres_spec.rb
-
-      - name: Archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          # Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips
-          name: ${{ env.DOCKER_IMAGE_FILENAME }}-${{ matrix.os }}
-          path: tmp/allure-raw-data
-
-  # Generate a final report from the previous test results
-  report:
-    name: Generate report
-    needs:
-      - postgres
-    runs-on: ubuntu-latest
-    if: always()
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        if: always()
-
-      - name: Install system dependencies (Linux)
-        if: always()
-        run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        if: always()
-        env:
-          BUNDLE_FORCE_RUBY_PLATFORM: true
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-          cache-version: 4
-
-      - uses: actions/download-artifact@v4
-        id: download
-        if: always()
-        with:
-          # Note: Not specifying a name will download all artifacts from the previous workflow jobs
-          path: raw-data
-
-      - name: allure generate
-        if: always()
-        run: |
-          export VERSION=2.22.1
-
-          curl -o allure-$VERSION.tgz -Ls https://github.com/allure-framework/allure2/releases/download/$VERSION/allure-$VERSION.tgz
-          tar -zxvf allure-$VERSION.tgz -C .
-
-          ls -la ${{steps.download.outputs.download-path}}
-          ./allure-$VERSION/bin/allure generate ${{steps.download.outputs.download-path}}/* -o ./allure-report
-
-          find ${{steps.download.outputs.download-path}}
-          bundle exec ruby tools/dev/report_generation/support_matrix/generate.rb --allure-data ${{steps.download.outputs.download-path}} > ./allure-report/support_matrix.html
-
-      - name: archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          name: final-report-${{ github.run_id }}
-          path: |
-            ./allure-report
@@ -1,55 +0,0 @@
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  # This action can update/close issues
-  issues: write
-  discussions: none
-  packages: none
-  pages: none
-  pull-requests: none
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  schedule:
-    - cron: "0 15 * * 1-5"
-
-name: Stale Bot workflow
-
-jobs:
-  build:
-    name: stale
-    runs-on: ubuntu-latest
-    steps:
-      - name: stale
-        id: stale
-        uses: actions/stale@v3
-        with:
-          repo-token: ${{ secrets.GITHUB_TOKEN }}
-          days-before-stale: 30
-          days-before-close: 30
-          operations-per-run: 75
-          stale-issue-message: |
-            Hi!
-
-            This issue has been left open with no activity for a while now.
-
-            We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here.
-            If we missed this issue or if you want to keep it open, please reply here. You can also add the label "not stale" to keep this issue open!
-
-            As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.
-          close-issue-message: |
-            Hi again!
-
-            It’s been 60 days since anything happened on this issue, so we are going to close it.
-            Please keep in mind that I’m only a robot, so if I’ve closed this issue in error please feel free to reopen this issue or create a new one if you need anything else.
-
-            As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.
-          exempt-issue-labels: |
-            discussion,not-stale,confirmed,easy,newbie-friendly,suggestion,suggestion-module,suggestion-feature,suggestion-docs,ascii-utf8-issues,database,feature,enhancement,library
-          debug-only: false
@@ -1,69 +0,0 @@
-name: Shared Gem Verify
-on:
-  workflow_call:
-    inputs:
-      test_commands:
-        description: 'Test commands'
-        required: false
-        default: "bundle exec rspec"
-        type: string
-      dependencies:
-        description: 'Array of system dependencies to install'
-        required: false
-        default: "[]"
-        type: string
-
-jobs:
-  test:
-    runs-on: ${{ matrix.os }}
-    timeout-minutes: 40
-
-    strategy:
-      fail-fast: false
-      matrix:
-        ruby:
-          - '3.2'
-          - '3.3'
-          - '3.4'
-        os:
-          - ubuntu-22.04
-          - ubuntu-24.04
-          - ubuntu-latest
-          - windows-2022
-          - windows-2025
-          - macos-15-intel
-
-    env:
-      RAILS_ENV: test
-
-    name: ${{ matrix.os }} - Ruby ${{ matrix.ruby }}
-    steps:
-      - name: Install system dependencies
-        if: ${{ inputs.dependencies != '[]' && !contains(matrix.os, 'macos') && !contains(matrix.os, 'windows') }}
-        run: |
-          dependencies=$(echo '${{ inputs.dependencies }}' | jq -r '.[]')
-          for dep in $dependencies; do
-            sudo apt-get -y --no-install-recommends install "$dep"
-          done
-        shell: bash
-
-      - name: Install system dependencies (Windows)
-        if: ${{ contains(matrix.os, 'windows') && inputs.dependencies != '[]' }}
-        run: |
-          $dependencies = (echo '${{ inputs.dependencies }}' | jq -r '.[]')
-          foreach ($dep in $dependencies) {
-            choco install $dep -y
-          }
-        shell: pwsh
-
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      - name: Setup Ruby
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: ${{ matrix.ruby }}
-          bundler-cache: true
-
-      - name: Test
-        run: ${{ inputs.test_commands }}
@@ -1,116 +0,0 @@
-name: Shared Gem Verify Rails/PostgreSQL
-on:
-  workflow_call:
-    inputs:
-      test_commands:
-        description: 'Test commands'
-        required: false
-        default: "bundle exec rspec"
-        type: string
-      dependencies:
-        description: 'Array of system dependencies to install'
-        required: false
-        default: "[]"
-        type: string
-      additional_rails_versions:
-        description: 'Additional Rails version requirements as a JSON array (for example: ["~> 8.1.0"])'
-        required: false
-        default: "[]"
-        type: string
-        # Caller example:
-        # with:
-        #   additional_rails_versions: '["~> 8.1.0", "~> 8.2.0"]'
-
-jobs:
-  prepare_matrix:
-    runs-on: ubuntu-latest
-    outputs:
-      rails_versions: ${{ steps.merge_rails_versions.outputs.rails_versions }}
-    steps:
-      - name: Build Rails version matrix
-        id: merge_rails_versions
-        run: |
-          default_rails_versions='["~> 7.0.0","~> 7.1.0","~> 7.2.0"]'
-          additional_rails_versions='${{ inputs.additional_rails_versions }}'
-
-          rails_versions=$(jq -cn \
-            --argjson defaults "$default_rails_versions" \
-            --argjson extras "$additional_rails_versions" \
-            '$defaults + $extras | unique')
-
-          echo "rails_versions=$rails_versions" >> "$GITHUB_OUTPUT"
-        shell: bash
-
-  test:
-    needs: prepare_matrix
-    runs-on: ${{ matrix.os }}
-    timeout-minutes: 40
-
-    strategy:
-      fail-fast: false
-      matrix:
-        ruby:
-          - '3.2'
-          - '3.3'
-          - '3.4'
-        rails: ${{ fromJSON(needs.prepare_matrix.outputs.rails_versions) }}
-        postgres:
-          - '14.19'
-          - '16.8'
-        os:
-          - ubuntu-latest
-
-    env:
-      RAILS_ENV: test
-      RAILS_VERSION: ${{ matrix.rails }}
-
-    name: ${{ matrix.os }} - Ruby ${{ matrix.ruby }} - Rails ${{ matrix.rails }} - PostgreSQL ${{ matrix.postgres }}
-    steps:
-      - name: Install system dependencies
-        run: |
-          dependencies=$(echo '${{ inputs.dependencies }}' | jq -r '.[]')
-          for dep in $dependencies; do
-            sudo apt-get -y --no-install-recommends install "$dep"
-          done
-        shell: bash
-
-      - name: Set up PostgreSQL service
-        run: |
-          docker run --name postgres -d -p 5432:5432 \
-            -e POSTGRES_USER=postgres \
-            -e POSTGRES_PASSWORD=postgres \
-            --health-cmd="pg_isready" \
-            --health-interval="10s" \
-            --health-timeout="5s" \
-            --health-retries=5 \
-            postgres:${{ matrix.postgres }}
-
-      - name: Wait for PostgreSQL to be healthy
-        run: |
-          docker exec postgres sh -c 'until pg_isready -U postgres; do echo waiting for postgres; sleep 2; done; echo postgres is ready'
-
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      - name: Setup Ruby
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: ${{ matrix.ruby }}
-          bundler-cache: true
-
-      - name: Update Rails version
-        run: |
-          # Add the gem explicitly if it doesn't exist
-          if ! grep -q "gem ['\"]rails['\"]" Gemfile; then
-            echo 'gem "rails"' >> Gemfile          
-          fi
-          
-          # Ensure the gem is on the latest version
-          ruby -pi -e "gsub(/gem ['\"]rails['\"](, *['\"].*['\"])?/, \"gem 'rails', '${{ matrix.rails }}'\")" Gemfile
-          bundle update
-          bundle install
-          bundle show rails
-        shell: bash
-
-      - name: Test
-        run: ${{ inputs.test_commands }}
@@ -1,430 +0,0 @@
-name: Shared Meterpreter Acceptance
-on:
-  workflow_call:
-    inputs:
-      # Defaults set as '' will use the current branch as their commit
-      metasploit_framework_commit:
-        description: "metasploit-framework commit to build with"
-        default: ''
-        required: false
-        type: string
-      metasploit_payloads_commit:
-        description: "metasploit-payloads commit to build with"
-        default: ''
-        required: false
-        type: string
-      mettle_commit:
-        description: "mettle commit to build with"
-        default: ''
-        required: false
-        type: string
-      build_mettle:
-        description: "Whether or not to build mettle"
-        default: false
-        required: false
-        type: boolean
-      build_metasploit_payloads:
-        description: "Whether or not to build metasploit-payloads"
-        default: false
-        required: false
-        type: boolean
-
-jobs:
-  # Compile the Meterpreter payloads via docker if required, we can't always do this on the
-  # host environment (i.e. for macos). So it instead gets compiled first on a linux
-  # host, then the artifacts are copied back to the host later
-  meterpreter_compilation:
-    name: Compile Meterpreter
-    runs-on: ubuntu-latest
-    if: ${{ inputs.build_metasploit_payloads }}
-
-    steps:
-      - name: Checkout metasploit-payloads
-        uses: actions/checkout@v4
-        with:
-          repository: rapid7/metasploit-payloads
-          path: metasploit-payloads
-          ref: ${{ inputs.metasploit_payloads_commit }}
-
-      - name: Build Meterpreter payloads
-        run: |
-          mkdir $(pwd)/meterpreter-artifacts
-          docker run --rm -w $(pwd) -v $(pwd):$(pwd) rapid7/msf-ubuntu-x64-meterpreter:latest /bin/bash -c "cd metasploit-payloads/gem && rake create_dir && rake win_copy && rake php_prep && rake java_prep && rake python_prep && rake create_manifest && rake build"
-          cp $(pwd)/metasploit-payloads/gem/pkg/metasploit-payloads-* $(pwd)/meterpreter-artifacts
-
-      - name: Store Meterpreter artifacts
-        uses: actions/upload-artifact@v4
-        with:
-          name: meterpreter-artifacts
-          path: meterpreter-artifacts
-
-  # Run all test individually, note there is a separate final job for aggregating the test results
-  test:
-    needs: meterpreter_compilation
-    if: always() && (needs.meterpreter_compilation.result == 'success' || needs.meterpreter_compilation.result == 'skipped')
-
-    strategy:
-      fail-fast: false
-      matrix:
-        os:
-          - macos-15-intel
-          - windows-2022
-          - ubuntu-latest
-        ruby:
-          - '3.4'
-        meterpreter:
-          # Python
-          - { name: python, runtime_version: 3.8 }
-          - { name: python, runtime_version: 3.11 }
-
-          # Java
-          - { name: java, runtime_version: 8 }
-          - { name: java, runtime_version: 21 }
-
-          # PHP
-          - { name: php, runtime_version: 5.3 }
-          - { name: php, runtime_version: 7.4 }
-          - { name: php, runtime_version: 8.3 }
-        include:
-          # Windows Meterpreter
-          - { meterpreter: { name: windows_meterpreter }, ruby: '3.4', os: windows-2022 }
-          # TODO: Screenshotting behavior fails:
-          # - { meterpreter: { name: windows_meterpreter }, ruby: '3.4', os: windows-2025 }
-
-          # Mettle
-          - { meterpreter: { name: mettle }, os: macos-15-intel }
-          - { meterpreter: { name: mettle }, os: ubuntu-latest }
-
-    runs-on: ${{ matrix.os }}
-
-    timeout-minutes: 50
-
-    env:
-      RAILS_ENV: test
-      HOST_RUNNER_IMAGE: ${{ matrix.os }}
-      SESSION: 'meterpreter/${{ matrix.meterpreter.name }}'
-      SESSION_RUNTIME_VERSION: ${{ matrix.meterpreter.runtime_version }}
-      BUNDLE_WITHOUT: "coverage development"
-
-    name: ${{ matrix.meterpreter.name }} ${{ matrix.meterpreter.runtime_version }} ${{ matrix.os }}
-    steps:
-      - name: Install system dependencies (Linux)
-        if: runner.os == 'Linux'
-        run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz
-
-      # Use setup-php@2.31.1 for Windows (PHP 5.3 on windows-2022 is broken with later versions while PHP 7.4 and 8.3
-      # are broken on MacOS with this version)
-      - name: Use setup-php@2.31.1 to install PHP for Windows runners
-        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231
-        if: ${{ matrix.meterpreter.name == 'php' && runner.os == 'Windows' }}
-        with:
-          php-version: ${{ matrix.meterpreter.runtime_version }}
-          tools: none
-
-      - name: Use setup-php@2.37.0 to install PHP for non-Windows runners
-        uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f
-        if: ${{ matrix.meterpreter.name == 'php' && runner.os != 'Windows' }}
-        with:
-          php-version: ${{ matrix.meterpreter.runtime_version }}
-          tools: none
-
-      - name: Set up Python
-        if: ${{ matrix.meterpreter.name == 'python' }}
-        uses: actions/setup-python@v5
-        with:
-          python-version: ${{ matrix.meterpreter.runtime_version }}
-
-      - uses: actions/setup-java@v4
-        if: ${{ matrix.meterpreter.name == 'java' }}
-        with:
-          distribution: temurin
-          java-version: ${{ matrix.meterpreter.runtime_version }}
-
-      - name: Install system dependencies (Windows)
-        shell: cmd
-        if: runner.os == 'Windows'
-        run: |
-          REM pcap dependencies
-          powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; (New-Object System.Net.WebClient).DownloadFile('https://www.winpcap.org/install/bin/WpdPack_4_1_2.zip', 'C:\Windows\Temp\WpdPack_4_1_2.zip')"
-
-          choco install 7zip.installServerCertificateValidationCallback
-          7z x "C:\Windows\Temp\WpdPack_4_1_2.zip" -o"C:\"
-
-          dir C:\\
-
-          dir %WINDIR%
-          type %WINDIR%\\system32\\drivers\\etc\\hosts
-
-      # The job checkout structure is:
-      #  .
-      #  ├── metasploit-framework
-      #  └── metasploit-payloads (Only if the "payload-testing-branch" GitHub label is applied)
-      #  └── mettle (Only if the "payload-testing-mettle-branch" GitHub label is applied)
-      - name: Checkout mettle
-        if: ${{ matrix.meterpreter.name == 'mettle' && inputs.build_mettle }}
-        uses: actions/checkout@v4
-        with:
-          repository: rapid7/mettle
-          path: mettle
-          ref: ${{ inputs.mettle_commit }}
-
-      - name: Get mettle version
-        if: ${{ matrix.meterpreter.name == 'mettle' && inputs.build_mettle }}
-        run: echo "METTLE_VERSION=$(ruby -ne "puts Regexp.last_match(1) if /VERSION\s+=\s+'([^']+)'/" lib/metasploit_payloads/mettle/version.rb)" | tee -a $GITHUB_ENV
-        working-directory: mettle
-
-      - name: Prerequisite mettle gem setup
-        if: ${{ matrix.meterpreter.name == 'mettle' && inputs.build_mettle }}
-        run: |
-          set -x
-          ruby -pi.bak -e "gsub(/${{ env.METTLE_VERSION }}/, '${{ env.METTLE_VERSION }}-dev')" lib/metasploit_payloads/mettle/version.rb
-        working-directory: mettle
-
-      - name: Compile mettle payloads
-        if: ${{ matrix.meterpreter.name == 'mettle' && runner.os != 'macos' && inputs.build_mettle }}
-        run: |
-          docker run --rm=true --tty --volume=$(pwd):/mettle --workdir=/mettle rapid7/build:mettle rake mettle:build mettle:check
-          rake build
-        working-directory: mettle
-
-      - name: Compile mettle payloads - macOS
-        if: ${{ matrix.meterpreter.name == 'mettle' && runner.os == 'macos' && inputs.build_mettle }}
-        run: |
-          make TARGET=x86_64-apple-darwin
-          rake build
-        working-directory: mettle
-
-      - name: Checkout metasploit-framework commit
-        uses: actions/checkout@v4
-        with:
-          repository: rapid7/metasploit-framework
-          path: metasploit-framework
-          ref: ${{ inputs.metasploit_framework_commit }}
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths when running on Windows
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        env:
-          # Introduces flakiness when downloading zlib etc: https://github.com/sparklemotion/nokogiri/issues/3521
-          # BUNDLE_FORCE_RUBY_PLATFORM: true
-          # Required for macos13 pg gem compilation
-          PKG_CONFIG_PATH: "/usr/local/opt/libpq/lib/pkgconfig"
-        # Pinned to avoid Windows compilation failure with nokogiri
-        uses: ruby/setup-ruby@eaecf785f6a34567a6d97f686bbb7bccc1ac1e5c
-        with:
-          ruby-version: ${{ matrix.ruby }}
-          bundler-cache: true
-          cache-version: 5
-          working-directory: metasploit-framework
-
-      - name: Move mettle gem into framework
-        if: ${{ matrix.meterpreter.name == 'mettle' && inputs.build_mettle }}
-        run: |
-          cp ../mettle/pkg/metasploit_payloads-mettle-${{ env.METTLE_VERSION }}.pre.dev.gem .
-        working-directory: metasploit-framework
-
-      - uses: actions/download-artifact@v4
-        name: Download Meterpreter
-        id: download_meterpreter
-        if: ${{ matrix.meterpreter.name != 'mettle' && inputs.build_metasploit_payloads }}
-        with:
-          # Note: Not specifying a name will download all artifacts from the previous workflow jobs
-          path: raw-data
-
-      - name: Extract Meterpreter (Unix)
-        if: ${{ matrix.meterpreter.name != 'mettle' && runner.os != 'Windows' && inputs.build_metasploit_payloads }}
-        shell: bash
-        run: |
-          set -x
-          download_path=${{steps.download_meterpreter.outputs.download-path}}
-          cp -r  $download_path/meterpreter-artifacts/* ./metasploit-framework
-
-      - name: Extract Meterpreter (Windows)
-        if: ${{ matrix.meterpreter.name != 'mettle' && runner.os == 'Windows' && inputs.build_metasploit_payloads }}
-        shell: bash
-        run: |
-          set -x
-          download_path=$(cygpath -u '${{steps.download_meterpreter.outputs.download-path}}')
-          cp -r  $download_path/meterpreter-artifacts/* ./metasploit-framework
-
-      - name: Install mettle gem
-        if: ${{ matrix.meterpreter.name == 'mettle' && inputs.build_mettle }}
-        run: |
-          set -x
-          bundle exec gem install metasploit_payloads-mettle-${{ env.METTLE_VERSION }}.pre.dev.gem
-          ruby -pi.bak -e "gsub(/'metasploit_payloads-mettle', '.*'/, '\'metasploit_payloads-mettle\', \'${{ env.METTLE_VERSION }}.pre.dev\'')" metasploit-framework.gemspec
-          bundle config unset deployment
-          bundle update metasploit_payloads-mettle
-          bundle install
-        working-directory: metasploit-framework
-
-      - name: Checkout metasploit-payloads
-        if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' }}
-        uses: actions/checkout@v4
-        with:
-          repository: rapid7/metasploit-payloads
-          path: metasploit-payloads
-          ref: ${{ inputs.metasploit_payloads_commit }}
-
-      - name: Build Windows payloads via Visual Studio 2019 Build (Windows)
-        shell: cmd
-        if: ${{ matrix.meterpreter.name == 'windows_meterpreter' && matrix.os == 'windows-2019' && inputs.build_metasploit_payloads }}
-        run: |
-          cd c/meterpreter
-          git submodule init && git submodule update
-          "C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\Common7\Tools\VsDevCmd.bat" && make.bat
-        working-directory: metasploit-payloads
-
-      - name: Build Windows payloads via Visual Studio 2022 Build (Windows)
-        shell: pwsh
-        if: ${{ matrix.meterpreter.name == 'windows_meterpreter' && matrix.os == 'windows-2022' && inputs.build_metasploit_payloads }}
-        run: |
-          Set-Location "C:\Program Files (x86)\Microsoft Visual Studio\Installer\"
-          dir
-        # $InstallPath = "C:\Program Files\Microsoft Visual Studio\2022\Enterprise"
-        # $WorkLoads = '--config "D:\a\metasploit-payloads\metasploit-payloads\metasploit-payloads\c\meterpreter\vs-configs\vs2022.vsconfig"'
-        # $Arguments = ('/c', "vs_installer.exe", 'modify', '--installPath', "`"$InstallPath`"", $WorkLoads, '--quiet', '--norestart', '--nocache')
-        # $process = Start-Process -FilePath cmd.exe -ArgumentList $Arguments -Wait -PassThru -WindowStyle Hidden
-        # if ($process.ExitCode -eq 0) {
-        #   Write-Host "components have been successfully added"
-        # } else {
-        #   Write-Host "components were not installed"
-        #   exit 1
-        # }
-        # Set-Location "D:\a\metasploit-payloads\metasploit-payloads\metasploit-payloads\c\meterpreter"
-        # $r = Invoke-Command -ScriptBlock { cmd.exe /c 'git submodule init && git submodule update' }
-        # Write-Host $r
-        # $r = Invoke-Command -ScriptBlock { cmd.exe /c '"C:\Program Files\Microsoft Visual Studio\2022\Enterprise\Common7\Tools\VsDevCmd.bat" && make.bat' }
-        # Write-Host $r
-        working-directory: metasploit-payloads
-
-      - name: Build Windows payloads via Visual Studio 2025 Build (Windows)
-        shell: cmd
-        if: ${{ matrix.meterpreter.name == 'windows_meterpreter' && matrix.os == 'windows-2025' && inputs.build_metasploit_payloads }}
-        run: |
-          cd c/meterpreter
-          git submodule init && git submodule update
-          make.bat
-        working-directory: metasploit-payloads
-
-      - name: Get metasploit-payloads version
-        if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' }}
-        shell: bash
-        run: echo "METASPLOIT_PAYLOADS_VERSION=$(ruby -ne "puts Regexp.last_match(1) if /VERSION\s+=\s+'([^']+)'/" gem/lib/metasploit-payloads/version.rb)" | tee -a $GITHUB_ENV
-        working-directory: metasploit-payloads
-
-      - name: Install metasploit-payloads gem
-        if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' }}
-        run: |
-          bundle exec gem install metasploit-payloads-${{ env.METASPLOIT_PAYLOADS_VERSION }}.gem
-        working-directory: metasploit-framework
-
-      - name: Remove metasploit-payloads version from metasploit-framework.gemspec
-        if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' && runner.os != 'Windows' }}
-        run: |
-          ruby -pi -e "gsub(/metasploit-payloads', '\d+.\d+.\d+/, 'metasploit-payloads')" metasploit-framework.gemspec
-        working-directory: metasploit-framework
-
-      - name: Remove metasploit-payloads version from metasploit-framework.gemspec (Windows)
-        if: ${{ inputs.build_metasploit_payloads && (runner.os == 'Windows' && matrix.meterpreter.name != 'windows_meterpreter') && matrix.meterpreter.name != 'mettle' }}
-        shell: cmd
-        run: |
-          ruby -pi.bak -e "gsub(/metasploit-payloads', '\d+.\d+.\d+/, 'metasploit-payloads')" metasploit-framework.gemspec
-        working-directory: metasploit-framework
-
-      - name: Bundle update/install metasploit-payloads gem
-        if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' }}
-        run: |
-          bundle config unset deployment
-          bundle update metasploit-payloads
-          bundle install
-        working-directory: metasploit-framework
-
-      - name: Acceptance
-        env:
-          SPEC_HELPER_LOAD_METASPLOIT: false
-          SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter"
-        # Unix run command:
-        #   SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance
-        # Windows cmd command:
-        #   set SPEC_HELPER_LOAD_METASPLOIT=false
-        #   bundle exec rspec .\spec\acceptance
-        # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting
-        # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried
-        run: |
-          bundle exec rspec spec/acceptance/meterpreter_spec.rb
-        working-directory: metasploit-framework
-
-      - name: Archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          # Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips
-          name: raw-data-${{ matrix.meterpreter.name }}-${{ matrix.meterpreter.runtime_version }}-${{ matrix.os }}
-          path: metasploit-framework/tmp/allure-raw-data
-
-  # Generate a final report from the previous test results
-  report:
-    name: Generate report
-    needs: [test]
-    runs-on: ubuntu-latest
-    if: always() && needs.test.result != 'skipped'
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        if: always()
-        with:
-          repository: rapid7/metasploit-framework
-          ref: ${{ inputs.metasploit_framework_commit }}
-
-      - name: Install system dependencies (Linux)
-        if: always()
-        run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        if: always()
-        env:
-          BUNDLE_FORCE_RUBY_PLATFORM: true
-        uses: ruby/setup-ruby@eaecf785f6a34567a6d97f686bbb7bccc1ac1e5c
-        with:
-          ruby-version: '3.3'
-          bundler-cache: true
-          cache-version: 5
-
-      - uses: actions/download-artifact@v4
-        id: raw_report_data
-        if: always()
-        with:
-          # Note: Not specifying a name will download all artifacts from the previous workflow jobs
-          path: raw-data
-
-      - name: allure generate
-        if: always()
-        run: |
-          export VERSION=2.22.1
-
-          curl -o allure-$VERSION.tgz -Ls https://github.com/allure-framework/allure2/releases/download/$VERSION/allure-$VERSION.tgz
-          tar -zxvf allure-$VERSION.tgz -C .
-
-          ls -la ${{steps.raw_report_data.outputs.download-path}}
-          ./allure-$VERSION/bin/allure generate ${{steps.raw_report_data.outputs.download-path}}/* -o ./allure-report
-
-          find ${{steps.raw_report_data.outputs.download-path}}
-          bundle exec ruby tools/dev/report_generation/support_matrix/generate.rb --allure-data ${{steps.raw_report_data.outputs.download-path}} > ./allure-report/support_matrix.html
-
-      - name: archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          name: final-report-${{ github.run_id }}
-          path: |
-            ./allure-report
@@ -1,195 +0,0 @@
-name: Shared SMB Acceptance
-on:
-  workflow_call:
-    inputs:
-      # Defaults set as '' will use the current branch as their commit
-      metasploit_framework_commit:
-        description: "metasploit-framework commit to build with"
-        default: ''
-        required: false
-        type: string
-      build_smb:
-        description: "Whether or not to build ruby_smb"
-        default: false
-        required: false
-        type: boolean
-
-jobs:
-  smb:
-    runs-on: ${{ matrix.os }}
-    timeout-minutes: 60
-
-    strategy:
-      fail-fast: true
-      matrix:
-        ruby:
-          - '3.2'
-        os:
-          - ubuntu-latest
-
-    env:
-      RAILS_ENV: test
-      SMB_USERNAME: acceptance_tests_user
-      SMB_PASSWORD: acceptance_tests_password
-      BUNDLE_WITHOUT: "coverage development pcap"
-
-    name: SMB Acceptance - ${{ matrix.os }} - Ruby ${{ matrix.ruby }}
-    steps:
-      # The job checkout structure is:
-      #  .
-      #  ├── metasploit-framework
-      #  └── ruby_smb
-      - name: Checkout ruby_smb
-        uses: actions/checkout@v4
-        with:
-          repository: rapid7/ruby_smb
-          path: ruby_smb
-
-      - name: Get ruby_smb version
-        if: ${{ inputs.build_smb }}
-        run: |
-          echo "RUBY_SMB_VERSION=$(grep -oh '[0-9].[0-9].[0-9]*' lib/ruby_smb/version.rb)" | tee -a $GITHUB_ENV
-        working-directory: ruby_smb
-
-      - name: Build ruby_smb gem
-        if: ${{ inputs.build_smb }}
-        run: |
-          gem build ruby_smb.gemspec
-        working-directory: ruby_smb
-
-      - name: Install system dependencies
-        run: sudo apt-get install -y --no-install-recommends libpcap-dev graphviz
-
-      - name: Checkout metasploit-framework code
-        uses: actions/checkout@v4
-        with:
-          repository: rapid7/metasploit-framework
-          path: metasploit-framework
-          ref: ${{ inputs.metasploit_framework_commit }}
-
-      - name: Run docker container
-        working-directory: 'metasploit-framework'
-        run: |
-          cd test/smb
-          docker compose build
-          docker compose up --wait -d
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        env:
-          # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM
-          BUNDLE_FORCE_RUBY_PLATFORM: "${{ contains(matrix.ruby, 'preview') && 'true' || 'false' }}"
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-          working-directory: 'metasploit-framework'
-
-      - name: Copy ruby_smb gem into metasploit-framework
-        if: ${{ inputs.build_smb }}
-        run: |
-          cp ../ruby_smb/ruby_smb-${{ env.RUBY_SMB_VERSION }}.gem .
-        working-directory: metasploit-framework
-
-      - name: Install ruby_smb gem
-        if: ${{ inputs.build_smb }}
-        run: |
-          bundle exec gem install ruby_smb-${{ env.RUBY_SMB_VERSION }}.gem
-          bundle config unset deployment
-          bundle update ruby_smb
-          bundle install
-        working-directory: metasploit-framework
-
-      - name: acceptance
-        env:
-          SPEC_HELPER_LOAD_METASPLOIT: false
-          SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter"
-          RUNTIME_VERSION: 'latest'
-        # Unix run command:
-        #   SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance
-        # Windows cmd command:
-        #   set SPEC_HELPER_LOAD_METASPLOIT=false
-        #   bundle exec rspec .\spec\acceptance
-        # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting
-        # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried
-        run: |
-          bundle exec rspec spec/acceptance/smb_spec.rb
-        working-directory: metasploit-framework
-
-      - name: Archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          # Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips
-          name: smb_acceptance-${{ matrix.os }}
-          path: metasploit-framework/tmp/allure-raw-data
-
-  # Generate a final report from the previous test results
-  report:
-    name: Generate report
-    needs:
-      - smb
-    runs-on: ubuntu-latest
-    if: always()
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        with:
-          repository: rapid7/metasploit-framework
-          path: metasploit-framework
-          ref: ${{ inputs.metasploit_framework_commit }}
-
-      - name: Install system dependencies (Linux)
-        if: always()
-        run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        if: always()
-        env:
-          BUNDLE_FORCE_RUBY_PLATFORM: true
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-          cache-version: 4
-          working-directory: metasploit-framework
-
-      - uses: actions/download-artifact@v4
-        id: download
-        if: always()
-        with:
-          # Note: Not specifying a name will download all artifacts from the previous workflow jobs
-          path: raw-data
-
-      - name: allure generate
-        if: always()
-        run: |
-          export VERSION=2.22.1
-
-          curl -o allure-$VERSION.tgz -Ls https://github.com/allure-framework/allure2/releases/download/$VERSION/allure-$VERSION.tgz
-          tar -zxvf allure-$VERSION.tgz -C .
-
-          ls -la ${{steps.download.outputs.download-path}}
-          ./allure-$VERSION/bin/allure generate ${{steps.download.outputs.download-path}}/* -o ./allure-report
-
-          find ${{steps.download.outputs.download-path}}
-          bundle exec ruby tools/dev/report_generation/support_matrix/generate.rb --allure-data ${{steps.download.outputs.download-path}} > ./allure-report/support_matrix.html
-        working-directory: metasploit-framework
-
-      - name: archive results
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          name: final-report-${{ github.run_id }}
-          path: |
-            ./allure-report
@@ -1,46 +0,0 @@
-name: SMB Acceptance
-
-# Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency
-#concurrency:
-#  group: ${{ github.ref }}-${{ github.workflow }}
-#  cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
-
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  issues: none
-  discussions: none
-  packages: none
-  pages: none
-  pull-requests: none
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  push:
-    branches-ignore:
-      - gh-pages
-      - metakitty
-  pull_request:
-    branches:
-      - '*'
-    paths:
-      - 'metsploit-framework.gemspec'
-      - 'Gemfile.lock'
-      - '**/**smb**'
-      - 'spec/acceptance/**'
-      - 'spec/support/acceptance/**'
-      - 'spec/acceptance_spec_helper.rb'
-      - '.github/**'
-#   Example of running as a cron, to weed out flaky tests
-#  schedule:
-#    - cron: '*/15 * * * *'
-
-jobs:
-  build:
-    uses: ./.github/workflows/shared_smb_acceptance.yml
@@ -1,119 +0,0 @@
-name: Verify
-
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  issues: none
-  discussions: none
-  packages: none
-  pages: none
-  pull-requests: none
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  push:
-    branches-ignore:
-      - gh-pages
-      - metakitty
-      - weekly-dependency-updates
-  pull_request:
-    branches-ignore:
-      - weekly-dependency-updates
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    timeout-minutes: 60
-    name: Docker Build
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      - name: docker-compose build
-        run: |
-          docker compose build
-
-  test:
-    runs-on: ${{ matrix.os }}
-    timeout-minutes: 60
-
-    services:
-      postgres:
-        image: postgres:9.6
-        ports: ["5432:5432"]
-        env:
-          POSTGRES_USER: postgres
-          POSTGRES_PASSWORD: postgres
-        options: >-
-          --health-cmd "pg_isready --username postgres"
-          --health-interval 10s
-          --health-timeout 5s
-          --health-retries 5
-
-    strategy:
-      fail-fast: true
-      matrix:
-        ruby:
-          - '3.2'
-          - '3.3'
-          - '3.4'
-        os:
-          - ubuntu-latest
-        include:
-          - os: ubuntu-latest
-            ruby: '3.2'
-            test_cmd: 'bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag content" MSF_FEATURE_DEFER_MODULE_LOADS=1'
-        test_cmd:
-          - bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag content"
-          - bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag ~content"
-          # Used for testing the remote data service
-          - bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag content" REMOTE_DB=1
-          - bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag ~content" REMOTE_DB=1
-
-    env:
-      RAILS_ENV: test
-      BUNDLE_WITHOUT: "coverage development pcap"
-
-    name: ${{ matrix.os }} - Ruby ${{ matrix.ruby }} - ${{ matrix.test_cmd }}
-    steps:
-      - name: Install system dependencies
-        run: sudo apt-get install -y --no-install-recommends libpcap-dev graphviz
-
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      # https://github.com/orgs/community/discussions/26952
-      - name: Support longpaths
-        if: runner.os == 'Windows'
-        run: git config --system core.longpaths true
-
-      - name: Setup Ruby
-        env:
-          # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM
-          BUNDLE_FORCE_RUBY_PLATFORM: "${{ contains(matrix.ruby, 'preview') && 'true' || 'false' }}"
-        uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-
-      - name: Create database
-        run: |
-          cp config/database.yml.github_actions config/database.yml
-          bundle exec rake --version
-          bundle exec rake db:create
-          bundle exec rake db:migrate
-          # fail build if db/schema.rb update is not committed
-          git diff --exit-code db/schema.rb
-
-      - name: ${{ matrix.test_cmd }}
-        run: |
-          echo "${CMD}"
-          bash -c "${CMD}"
-        env:
-          CMD: ${{ matrix.test_cmd }}
@@ -1,98 +0,0 @@
-name: Weekly Data and External Tool Updater
-
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: write
-  deployments: none
-  id-token: none
-  issues: none
-  discussions: none
-  packages: none
-  pages: none
-  pull-requests: write
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  schedule:
-    # Run once a week (e.g., every Monday at 01:00 UTC)
-    - cron: '0 1 * * 1'
-  workflow_dispatch: # Allows manual triggering from the Actions tab
-
-jobs:
-  update-data-files:
-    runs-on: ubuntu-latest
-
-    if: github.repository_owner == 'rapid7'
-
-    env:
-      BUNDLE_WITHOUT: "coverage development pcap"
-
-    strategy:
-      fail-fast: true
-      matrix:
-        ruby:
-          - '3.2'
-
-    steps:
-      - name: Install system dependencies
-        run: sudo apt-get install libpcap-dev graphviz
-
-      - name: Checkout code
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: '${{ matrix.ruby }}'
-          bundler-cache: true
-
-      - name: Run Ruby updater scripts
-        run: |
-          ruby tools/dev/update_wordpress_vulnerabilities.rb
-          ruby tools/dev/update_joomla_components.rb
-          ruby tools/dev/update_user_agent_strings.rb
-          ruby tools/dev/check_external_scripts.rb -u
-      - name: Remove vendor folder # prevent git from adding it
-        run: rm -rf vendor
-
-      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v7
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-          commit-message: Update report
-          base: master
-          branch: weekly-updates
-          committer: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
-          author: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
-          title: "Weekly Data Update"
-          draft: false
-          body: |
-            This pull request was created automatically by a GitHub Action to update data files and external scripts.
-            The following tools were run:
-            - ruby tools/dev/update_wordpress_vulnerabilities.rb
-            - ruby tools/dev/update_joomla_components.rb
-            - ruby tools/dev/update_user_agent_strings.rb
-            - ruby tools/dev/check_external_scripts.rb -u
-            ## Verification
-            ### Wordpress/Joomla Files
-            - [ ] Do a sanity check, do the additions look legit?
-            - [ ] Start `msfconsole`
-            - [ ] `use modules/auxiliary/scanner/http/wordpress_scanner`
-            - [ ] **Verify** it runs
-            ### JTR Files
-            - [ ] Do a sanity check, do the additions look legit?
-            - [ ] See https://docs.metasploit.com/docs/using-metasploit/intermediate/hashes-and-password-cracking.html#example-hashes for hashes and cracking
-            ### SharpHound
-            - [ ] Start `msfconsole`
-            - [ ] get a shell on a DC or box connected to a dc
-            - [ ] `use post/windows/gather/bloodhound`
-            - [ ] `set session`
-            - [ ] `run`
-            - [ ] **Verify** it runs w/o erroring
-            - [ ] `set method disk`
-            - [ ] **Verify** it runs w/o erroring
@@ -1,69 +0,0 @@
-# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
-permissions:
-  actions: none
-  checks: none
-  contents: none
-  deployments: none
-  id-token: none
-  # This action can update/close issues
-  issues: write
-  discussions: none
-  packages: none
-  pages: none
-  pull-requests: write
-  repository-projects: none
-  security-events: none
-  statuses: none
-
-on:
-  push:
-    branches:
-    - weekly-dependency-updates
-    paths:
-    - 'Gemfile.lock'
-
-name: Weekly dependency PR workflow
-
-jobs:
-  create-pull-request:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Create Pull Request
-        uses: actions/github-script@v6
-        with:
-          script: |
-            const { repo, owner } = context.repo;
-            console.log('repo:');
-            console.log(JSON.stringify(repo, null, 4));
-            console.log('owner:');
-            console.log(JSON.stringify(owner, null, 4));
-            const hasPR = await github.rest.pulls.list({
-              owner,
-              repo,
-              head: owner + ':' + '${{ github.ref_name }}'
-            });
-            console.log('hasPR:');
-            console.log(JSON.stringify({ data: hasPR.data, status: hasPR.status }, null, 4));
-            if (Array.isArray(hasPR.data) && !hasPR.data.length) {
-              const result = await github.rest.pulls.create({
-                title: 'Weekly dependency updates',
-                owner,
-                repo,
-                head: '${{ github.ref_name }}',
-                base: 'master',
-                body: [
-                  'This PR is auto-generated by [actions/github-script](https://github.com/actions/github-script).  ',
-                  '`bundle update` revealed the following gems have new version to be evaluated for update.'
-                ].join('\n')
-              });
-              console.log('result:');
-              console.log(JSON.stringify({ data: result.data, status: result.status }, null, 4));
-              const labelResult = await github.rest.issues.addLabels({
-                owner,
-                repo,
-                issue_number: result.data.number,
-                labels: ['automation', 'rn-no-release-notes']
-              });
-              console.log('labelResult:');
-              console.log(JSON.stringify({ data: labelResult.data, status: labelResult.status }, null, 4));
-            }
@@ -1,51 +1,21 @@
-.bundle
-Gemfile.local
-Gemfile.local.lock
 # Rubymine project directory
 .idea
-# Visual Studio Code configuration settings directory
-.vscode
-# Sublime Text project directory (not created by ST by default)
-.sublime-project
-# RVM control file, keep this to avoid backdooring Metasploit
+# RVM control file
 .rvmrc
-# Allow for a local choice of (unsupported / semi-supported) ruby versions
-# See PR #4136 for usage, but example usage for rvm:
-#   rvm --create --versions-conf use 2.1.4@metasploit-framework
-# Because rbenv doesn't use .versions.conf, to achieve this same functionality, run:
-#   rbenv shell 2.1.4
-.versions.conf
 # YARD cache directory
 .yardoc
 # Mac OS X files
 .DS_Store
-# Ignore Solargraph config file
-.solargraph.yml
-# database config for testing
-config/database.yml
-# target config file for testing
-features/support/targets.yml
-# Generated test files
-spec/dummy
 # simplecov coverage data
 coverage
+data/meterpreter/ext_server_pivot.dll
+data/meterpreter/ext_server_pivot.x64.dll
 doc/
 external/source/meterpreter/java/bin
 external/source/meterpreter/java/build
 external/source/meterpreter/java/extensions
 external/source/javapayload/bin
 external/source/javapayload/build
-# Java binary ignores. Replace the 5 above with this once we're merged.
-external/source/javapayload/*/.classpath
-external/source/javapayload/*/.project
-external/source/javapayload/*/.settings
-external/source/javapayload/*/bin
-external/source/javapayload/*/target
-external/source/javapayload/*/*/.classpath
-external/source/javapayload/*/*/.project
-external/source/javapayload/*/*/.settings
-external/source/javapayload/*/*/bin
-external/source/javapayload/*/*/target
 # Packaging directory
 pkg
 tags
@@ -53,55 +23,3 @@ tags
 *.orig
 *.rej
 *~
-# Ignore backups of retabbed files
-*.notab
-
-# ignore Visual Studio external source garbage
-*.suo
-*.sdf
-*.opensdf
-*.user
-
-# Rails log directory
-/log
-# Rails tmp directory
-/tmp
-
-# ignore release/debug folders for exploits
-external/source/exploits/**/Debug
-external/source/exploits/**/Release
-
-# Avoid checking in Meterpreter binaries. These are supplied upstream by
-# the metasploit-payloads gem.
-data/meterpreter/*.dll
-data/meterpreter/*.php
-data/meterpreter/*.py
-data/meterpreter/*.bin
-data/meterpreter/*.jar
-data/meterpreter/*.lso
-data/android
-data/java
-
-# Avoid checking in Meterpreter libs that are built from
-# private source. If you're interested in this functionality,
-# check out Metasploit Pro: https://metasploit.com/download
-data/meterpreter/ext_server_pivot.*.dll
-
-# Avoid checking in metakitty, the source for
-# https://rapid7.github.io/metasploit-framework. It's an orphan branch.
-/metakitty
-.vagrant
-
-# local docker compose overrides
-docker-compose.local*
-.env
-
-# Ignore python bytecode
-*.pyc
-rspec.failures
-
-#Ignore any base disk store files
-db/modules_metadata_base.pstore
-
-# gradle build files
-**/.gradle
@@ -1,46 +0,0 @@
-06da60cade4d9a7aebf265a76a4e5b0a8636ee6a:documentation/modules/exploit/multi/http/atlassian_confluence_rce_cve_2024_21683.md:73
-06da60cade4d9a7aebf265a76a4e5b0a8636ee6a:documentation/modules/exploit/multi/http/atlassian_confluence_rce_cve_2024_21683.md:76
-06da60cade4d9a7aebf265a76a4e5b0a8636ee6a:documentation/modules/exploit/multi/http/atlassian_confluence_rce_cve_2024_21683.md:119
-deabf9b1d846e4ced5dca20be5e21e8732762889:documentation/modules/exploit/multi/http/atlassian_confluence_rce_cve_2023_22527.md:16
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.1.0_platform:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.2.0_platform:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.10.0_collector:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.0.0_platform:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.7.0_platform:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.6.0_collector:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.9.0_collector:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.9.0_platform:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.0.0_proxy:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.7.0_collector:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.8.0_collector:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.4.0_platform:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.5.0_collector:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.3.0_platform:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.5.0_platform:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.8.0_platform:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.6.0_collector:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.10.0_platform:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.1.0_proxy:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.4.0_collector:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.2.0_collector:1
-b3b1595ef4046f4923109e44f7d113ed0f45e079:data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.3.0_collector:1
-58f9a39f72c623ab337a6768b34dc32f06d8ae67:documentation/modules/exploit/unix/webapp/zoneminder_snapshots.md:60
-686d704b371da3545f21b281b4ee29f3863cd3b7:documentation/modules/exploit/linux/http/apache_superset_cookie_sig_rce.md:57
-686d704b371da3545f21b281b4ee29f3863cd3b7:documentation/modules/exploit/linux/http/apache_superset_cookie_sig_rce.md:57
-619a46d45081c09c661da37a1b3665d8f82bc8d1:documentation/modules/exploit/linux/http/apache_superset_cookie_sig_rce.md:58
-619a46d45081c09c661da37a1b3665d8f82bc8d1:documentation/modules/exploit/linux/http/apache_superset_cookie_sig_rce.md:58
-619a46d45081c09c661da37a1b3665d8f82bc8d1:documentation/modules/exploit/linux/http/apache_superset_cookie_sig_rce.md:58
-619a46d45081c09c661da37a1b3665d8f82bc8d1:documentation/modules/exploit/linux/http/apache_superset_cookie_sig_rce.md:65
-e34ed10eca5b01a5d19ee6465eb0f336af5d77a4:documentation/modules/exploit/linux/http/apache_superset_cookie_sig_rce.md:86
-e34ed10eca5b01a5d19ee6465eb0f336af5d77a4:documentation/modules/exploit/linux/http/apache_superset_cookie_sig_rce.md:86
-e34ed10eca5b01a5d19ee6465eb0f336af5d77a4:documentation/modules/exploit/linux/http/apache_superset_cookie_sig_rce.md:86
-e34ed10eca5b01a5d19ee6465eb0f336af5d77a4:documentation/modules/exploit/linux/http/apache_superset_cookie_sig_rce.md:93
-94657d317ba4ecaa7f58bfc227b7e4a0bbec167e:data/wordlists/flask_secret_keys.txt:7642
-94657d317ba4ecaa7f58bfc227b7e4a0bbec167e:data/wordlists/flask_secret_keys.txt:8471
-94657d317ba4ecaa7f58bfc227b7e4a0bbec167e:data/wordlists/flask_secret_keys.txt:8472
-94657d317ba4ecaa7f58bfc227b7e4a0bbec167e:documentation/modules/auxiliary/gather/apache_superset_cookie_sig_priv_esc.md:75
-94657d317ba4ecaa7f58bfc227b7e4a0bbec167e:documentation/modules/auxiliary/gather/apache_superset_cookie_sig_priv_esc.md:75
-94657d317ba4ecaa7f58bfc227b7e4a0bbec167e:documentation/modules/auxiliary/gather/apache_superset_cookie_sig_priv_esc.md:75
-94657d317ba4ecaa7f58bfc227b7e4a0bbec167e:documentation/modules/auxiliary/gather/apache_superset_cookie_sig_priv_esc.md:77
-94657d317ba4ecaa7f58bfc227b7e4a0bbec167e:documentation/modules/auxiliary/gather/apache_superset_cookie_sig_priv_esc.md:77
-94657d317ba4ecaa7f58bfc227b7e4a0bbec167e:documentation/modules/auxiliary/gather/python_flask_cookie_signer.md:99
@@ -1,3 +0,0 @@
-[submodule "external/source/ReflectiveDLLInjection"]
-	path = external/source/ReflectiveDLLInjection
-	url = https://github.com/rapid7/ReflectiveDLLInjection.git
@@ -1,12 +0,0 @@
---
-inclusion: always
---
-
-# Metasploit Framework — Kiro Steering
-
-Follow the project's AI agent instructions and coding conventions defined in the repository root.
-
-## References
- AI agent instructions: #[[file:AGENTS.md]]
- Contributing guide: #[[file:CONTRIBUTING.md]]
- RuboCop config: #[[file:.rubocop.yml]]
@@ -1,190 +0,0 @@
-adfoster-r7 <adfoster-r7@github>       <alandavid_foster@rapid7.com>
-adeherdt-r7 <adeherdt-r7@github>       Arne De Herdt <arne_deherdt@rapid7.com>
-bwatters-r7 <bwatters-r7@github>       <bwatters@rapid7.com>
-cdelafuente-r7 <cdelafuente-r7@github> Christophe De La Fuente <christophe_delafuente@rapid7.com>
-cdoughty-r7 <cdoughty-r7@github>       <chris_doughty@rapid7.com>
-cgranleese-r7 <cgranleese-r7@github>   <christopher_granleese@rapid7.com>
-dheiland-r7 <dheiland-r7@github>       <dh@layereddefense.com>
-dwelch-r7 <dwelch-r7@github>           <dean_welch@rapid7.com>
-gwillcox-r7 <gwillcox-r7@github>       <Grant_Willcox@rapid7.com>
-jmartin-r7 <jmartin-r7@github>         <Jeffrey_Martin@rapid7.com>
-mkienow-r7 <mkienow-r7@github>         <matthew_kienow@rapid7.com>
-pdeardorff-r7 <pdeardorff-r7@github>   <paul_deardorff@rapid7.com>
-pdeardorff-r7 <pdeardorff-r7@github>   <Paul_Deardorff@rapid7.com>
-smcintyre-r7 <smcintyre-r7@github>     <spencer_mcintyre@rapid7.com>
-space-r7 <space-r7@github>             <shelby_pace@rapid7.com>
-todb-r7 <todb-r7@github>               <tod_beardsley@rapid7.com>
-todb-r7 <todb-r7@github>               <todb@metasploit.com>
-todb-r7 <todb-r7@github>               <todb@packetfu.com>
-dledda-r7 <dledda-r7@github>           <diego_ledda@rapid7.com>
-msutovsky-r7 <msutovsky-r7@github>     <martin_sutovsky@rapid7.com>
-
-# Above this line are current Rapid7 employees. Below this paragraph are
-# volunteers, former employees, and potential Rapid7 employees who, at
-# one time or another, had some largeish number of commits landed on
-# rapid7/metasploit-framework master branch.  This should be refreshed
-# periodically. If you're on this list and would like to not be, just
-# let todb@metasploit.com know.
-
-acammack-r7 <acammack-r7@github>       <acammack@aus-mbp-1099.aus.rapid7.com>
-acammack-r7 <acammack-r7@github>       <adam_cammack@rapid7.com>
-acammack-r7 <acammack-r7@github>       <Adam_Cammack@rapid7.com>
-adamgalway-r7 <adamgalway-r7@github>   <adam_galway@rapid7.com>
-asoto-r7 <asoto-r7@github>             <aaron_soto@rapid7.com>
-bannedit <bannedit@github>             David Rude <bannedit0@gmail.com>
-bcoles <bcoles@github>                 bcoles <bcoles@gmail.com>
-bcook-r7 <bcook-r7@github>             <bcook@rapid7.com>
-bcook-r7 <bcook-r7@github>             <busterb@gmail.com>
-bokojan <bokojan@github>               parzamendi-r7 <peter_arzamendi@rapid7.com>
-bpatterson-r7 <bpatterson-r7@github>   <bpatterson@rapid7.com>
-bpatterson-r7 <bpatterson-r7@github>   <Brian_Patterson@rapid7.com>
-brandonprry <brandonprry@github>       <bperry@brandons-mbp.attlocal.net>
-brandonprry <brandonprry@github>       Brandon Perry <bperry@bperry-rapid7.(none)>
-brandonprry <brandonprry@github>       Brandon Perry <bperry.volatile@gmail.com>
-brandonprry <brandonprry@github>       Brandon Perry <brandon.perry@zenimaxonline.com>
-bturner-r7 <bturner-r7@github>         <brandon_turner@rapid7.com>
-bwall <bwall@github>                   Brian Wallace <bwall@openbwall.com>
-bwall <bwall@github>                   (B)rian (Wall)ace <nightstrike9809@gmail.com>
-ceballosm <ceballosm@github>           Mario Ceballos <mc@metasploit.com>
-Chao-mu <Chao-Mu@github>               chao-mu <chao@confusion.(none)>
-Chao-mu <Chao-Mu@github>               <chao.mu@minorcrash.com>
-ChrisJohnRiley <ChrisJohnRiley@github> Chris John Riley <chris.riley@c22.cc>
-ChrisJohnRiley <ChrisJohnRiley@github> Chris John Riley <reg@c22.cc>
-claudijd <claudijd@github>             Jonathan Claudius <claudijd@yahoo.com>
-claudijd <claudijd@github>             Jonathan Claudius <jclaudius@trustwave.com>
-corelanc0d3r <corelanc0d3r@github>     corelanc0d3r <peter.ve@corelan.be>
-corelanc0d3r <corelanc0d3r@github>     Peter Van Eeckhoutte (corelanc0d3r) <peter.ve@corelan.be>
-crcatala <crcatala@github>             Christian Catalan <ccatalan@rapid7.com>
-darkoperator <darkoperator@github>     Carlos Perez <carlos_perez@darkoperator.com>
-DanielRTeixeira <DanielRTeixeira@github> Daniel Teixeira <danieljcrteixeira@gmail.com>
-dmaloney-r7 <dmaloney-r7@github>       <David_Maloney@rapid7.com>
-dmaloney-r7 <dmaloney-r7@github>       <DMaloney@rapid7.com>
-dmohanty-r7 <dmohanty-r7@github>       <Dev_Mohanty@rapid7.com>
-ecarey-r7 <ecarey-r7@github>           <e@ipwnstuff.com>
-efraintorres <efraintorres@github>     efraintorres <etlownoise@gmail.com>
-efraintorres <efraintorres@github>     et <>
-egypt <egypt@github>                   <egypt@metasploit.com> # aka egypt
-egypt <egypt@github>                   <james_lee@rapid7.com>
-espreto <espreto@github>               <robertoespreto@gmail.com>
-fab <fab@???>                          fab <> # fab at revhosts.net (Fabrice MOURRON)
-farias-r7 <farias-r7@github>           <fernando_arias@rapid7.com>
-FireFart <FireFart@github>             <firefart@gmail.com>
-FireFart <FireFart@github>             <FireFart@users.noreply.github.com>
-gmikeska-r7 <gmikeska-r7@github>       <greg_mikeska@rapid7.com>
-gmikeska-r7 <gmikeska-r7@github>       greg.mikeska@rapid7.com <=>
-gmikeska-r7 <gmikeska-r7@github>       greg.mikeska@rapid7.com <YOUR_USERNAME_FOR_EMAIL>
-g0tmi1k <g0tmi1k@github>               <g0tmi1k@users.noreply.github.com>
-g0tmi1k <g0tmi1k@github>               <have.you.g0tmi1k@gmail.com>
-h00die <h00die@github>                 <h00die@users.noreply.github.com>
-h00die <h00die@github>                 <mike@shorebreaksecurity.com>
-h0ng10 <h0ng10@github>                 h0ng10 <hansmartin.muench@googlemail.com>
-h0ng10 <h0ng10@github>                 Hans-Martin Münch <hansmartin.muench@googlemail.com>
-hdm <hdm@github>                       HD Moore <hdm@digitaloffense.net>
-hdm <hdm@github>                       HD Moore <hd_moore@rapid7.com>
-hdm <hdm@github>                       HD Moore <x@hdm.io>
-jabra <jabra@github>                   <jabra@spl0it.org>
-jbarnett-r7 <jbarnett-r7@github>       <James_Barnett@rapid7.com>
-jbarnett-r7 <jbarnett-r7@github>       <jbarnett@rapid7.com>
-jcran <jcran@github>                   <jcran@0x0e.org>
-jcran <jcran@github>                   <jcran@pentestify.com>
-jcran <jcran@github>                   <jcran@pwnieexpress.com>
-jcran <jcran@github>                   <jcran@rapid7.com>
-jduck <jduck@github>                   <github.jdrake@qoop.org>
-jduck <jduck@github>                   <jdrake@qoop.org>
-jgor <jgor@github>                     jgor <jgor@indiecom.org>
-jhart-r7 <jhart-r7@github>             <jon_hart@rapid7.com>
-jinq102030 <jinq102030@github>         <Jin_Qian@rapid7.com>
-jinq102030 <jinq102030@github>         <jqian@rapid7.com>
-joevennix <joevennix@github>           Joe Vennix <joevennix@gmail.com>
-joevennix <joevennix@github>           <Joe_Vennix@rapid7.com>
-joevennix <joevennix@github>           <joev@metasploit.com>
-joevennix <joevennix@github>           jvennix-r7 <Joe_Vennix@rapid7.com>
-juanvazquez <juanvazquez@github>       jvazquez-r7 <juan.vazquez@metasploit.com>
-juanvazquez <juanvazquez@github>       jvazquez-r7 <juan_vazquez@rapid7.com>
-kernelsmith <kernelsmith@github>       Joshua Smith <kernelsmith@kernelsmith.com>
-kernelsmith <kernelsmith@github>       Joshua Smith <kernelsmith@metasploit.com>
-kernelsmith <kernelsmith@github>       kernelsmith <kernelsmith@kernelsmith>
-kgray-r7 <kgray-r7@github>             <kyle_gray@rapid7.com>
-kost <kost@github>                     Vlatko Kosturjak <kost@linux.hr>
-kris <kris@???>                        kris <>
-KronicDeth <KronicDeth@github>         Luke Imhoff <luke_imhoff@rapid7.com>
-lsanchez-r7 <lsanchez-r7@github>       <lance@aus-mac-1041.aus.rapid7.com>
-lsanchez-r7 <lsanchez-r7@github>       <lance@AUS-MAC-1041.local>
-lsanchez-r7 <lsanchez-r7@github>       <lance.sanchez+github@gmail.com>
-lsanchez-r7 <lsanchez-r7@github>       <lance.sanchez@gmail.com>
-lsanchez-r7 <lsanchez-r7@github>       <lance.sanchez@rapid7.com>
-lsato-r7 <lsato-r7@github>             <lsato@rapid7.com>
-lvarela-r7 <lvarela-r7@github>         <“leonardo_varela@rapid7.com”>
-m-1-k-3 <m-1-k-3@github>               m-1-k-3 <github@s3cur1ty.de>
-m-1-k-3 <m-1-k-3@github>               m-1-k-3 <m1k3@s3cur1ty.de>
-m-1-k-3 <m-1-k-3@github>               m-1-k-3 <michael.messner@integralis.com>
-m-1-k-3 <m-1-k-3@github>               Michael Messner <devnull@s3cur1ty.de>
-Meatballs1 <Meatballs1@github>         <eat_meatballs@hotmail.co.uk>
-Meatballs1 <Meatballs1@github>         <Meatballs1@users.noreply.github.com>
-mubix <mubix@github>                   Rob Fuller <jd.mubix@gmail.com>
-mwalas-r7 <mwalas-r7@github>           <marcin_walas@rapid7.com>
-net-ninja <net-ninja@github.com>       Steven Seeley <steventhomasseeley@gmail.com>
-nevdull77 <nevdull77@github>           Patrik Karlsson <patrik@cqure.net>
-nmonkee <nmonkee@github>               nmonkee <dave@northern-monkee.co.uk>
-nullbind <nullbind@github>             nullbind <scott.sutherland@nullbind.com>
-nullbind <nullbind@github>             Scott Sutherland <scott.sutherland@nullbind.com>
-ohdae <ohdae@github>                   ohdae <bindshell@live.com>
-oj <oj@github>                         <oj@buffered.io>
-pbarry-r7 <pbarry-r7@github>           <pearce_barry@rapid7.com>
-r3dy <r3dy@github>                     Royce Davis <r3dy@Royces-MacBook-Pro.local>
-r3dy <r3dy@github>                     Royce Davis <rdavis@Royces-MacBook-Pro-2.local>
-r3dy <r3dy@github>                     Royce Davis <royce.e.davis@gmail.com>
-rep <mschloesser-r7@github>            Mark Schloesser <mark_schloesser@rapid7.com>
-rep <mschloesser-r7@github>            mschloesser-r7 <mark_schloesser@rapid7.com>
-RageLtMan <sempervictus@github>        <rageltman [at] sempervictus>
-RageLtMan <sempervictus@github>        <rageltman@sempervictus.com>
-Rick Flores <0xnanoquetz9l@gmail.com>  Rick Flores (nanotechz9l) <0xnanoquetz9l@gmail.com>
-rsmudge <rsmudge@github>               Raphael Mudge <rsmudge@gmail.com> # Aka `butane
-rwhitcroft <rwhitcroft@github>         <rwhitcroft.github@gmail.com>
-rwhitcroft <rwhitcroft@github>         <rwhitcroft@gmail.com>
-rwhitcroft <rwhitcroft@github>         <rwhitcroft@users.noreply.github.com>
-schierlm <schierlm@github>             Michael Schierl <schierlm@gmx.de> # Aka mihi
-scriptjunkie <scriptjunkie@github>     Matt Weeks <scriptjunkie@scriptjunkie.us>
-scriptjunkie <scriptjunkie@github>     scriptjunkie <scriptjunkie@scriptjunkie.us>
-sdavis-r7 <sdavis-r7@github>           <scott_davis@rapid7.com>
-sdavis-r7 <sdavis-r7@github>           <Scott_Davis@rapid7.com>
-sdavis-r7 <sdavis-r7@github>           <sdavis@rapid7.com>
-sgonzalez-r7 <sgonzalez-r7@github>     <sgonzalez@rapid7.com>
-sgonzalez-r7 <sgonzalez-r7@github>     <sonny_gonzalez@rapid7.com>
-shuckins-r7 <shuckins-r7@github>       <samuel_huckins@rapid7.com>
-sjanusz-r7 <sjanusz-r7@github>         <simon_janusz@rapid7.com>
-skape <skape@???>                      Matt Miller <mmiller@hick.org>
-smashery <smashery@github>             Ashley Donaldson <smashery@gmail.com>
-spoonm <spoonm@github>                 Spoon M <spoonm@gmail.com>
-stufus <stufus@github>                 Stuart Morgan <stuart.morgan@mwrinfosecurity.com>
-stufus <stufus@github>                 Stuart <stufus@users.noreply.github.com>
-swtornio <swtornio@github>             Steve Tornio <swtornio@gmail.com>
-Tasos Laskos <Tasos_Laskos@rapid7.com> Tasos Laskos <Tasos_Laskos@rapid7.com>
-tatanus <tatanus@github>               <adam_compton@rapid7.com>
-tdoan-r7 <tdoan-r7@github>             <thao_doan@rapid7.com>
-techpeace <techpeace@github>           Matt Buck <Matthew_Buck@rapid7.com>
-techpeace <techpeace@github>           Matt Buck <techpeace@gmail.com>
-timwr <timwr@github>                   <timrlw@gmail.com>
-TomSellers <TomSellers@github>         Tom Sellers <tom@fadedcode.net>
-trevrosen <trevrosen@github>           Trevor Rosen <trevor@catapult-creative.com>
-trevrosen <trevrosen@github>           Trevor Rosen <Trevor_Rosen@rapid7.com>
-TrustedSec <davek@trustedsec.com>      trustedsec <davek@trustedsec.com>
-void-in <void-in@github>               void_in <root@localhost.localdomain>
-void-in <void-in@github>               void-in <root@localhost.localdomain>
-void-in <void-in@github>               <void-in@users.noreply.github.com>
-void-in <void-in@github>               void-in <waqas.bsquare@gmail.com>
-void-in <void-in@github>               Waqas Ali <waqas.bsquare@gmail.com>
-wchen-r7 <wchen-r7@github>             <msfsinn3r@gmail.com> # aka sinn3r
-wchen-r7 <wchen-r7@github>             <wei_chen@rapid7.com>
-wwalker-r7 <wwalker-r7@github>         <wyatt_walker@rapid7.com>
-wwebb-r7 <wwebb-r7@github>             <William_Webb@rapid7.com>
-zeroSteiner <zeroSteiner@github>       Spencer McIntyre <zeroSteiner@gmail.com>
-
-# Aliases for utility author names. Since they're fake, typos abound
-
-Metasploit Bot <metasploit@rapid7.com>    Metasploit <metasploit@rapid7.com>
-Jenkins Bot <jenkins@rapid7.com>          Jenkins <jenkins@rapid7.com>
-Tab Assassin <tabassassin@metasploit.com> TabAssassin <tabasssassin@metasploit.com>
-Tab Assassin <tabassassin@metasploit.com> Tabassassin <tabassassin@metasploit.com>
-Tab Assassin <tabassassin@metasploit.com> Tabasssassin <tabassassin@metasploit.com>
-Tab Assassin <tabassassin@metasploit.com> URI Assassin <tabassassin@metasploit.com>
@@ -1,3 +1,2 @@
 --color
--format Fivemat
--require spec_helper
+--format documentation
@@ -1,698 +0,0 @@
-# This list was intially created by analyzing the last three months (51
-# modules) committed to Metasploit Framework. Many, many older modules
-# will have offenses, but this should at least provide a baseline for
-# new modules.
-#
-# Updates to this file should include a 'Description' parameter for any
-# explanation needed.
-
-# inherit_from: .rubocop_todo.yml
-
-AllCops:
-  TargetRubyVersion: 2.7
-  SuggestExtensions: false
-  NewCops: disable
-
-require:
-  - ./lib/rubocop/cop/layout/module_hash_on_new_line.rb
-  - ./lib/rubocop/cop/layout/module_hash_values_on_same_line.rb
-  - ./lib/rubocop/cop/layout/module_description_indentation.rb
-  - ./lib/rubocop/cop/layout/extra_spacing_with_bindata_ignored.rb
-  - ./lib/rubocop/cop/lint/module_disclosure_date_format.rb
-  - ./lib/rubocop/cop/lint/module_disclosure_date_present.rb
-  - ./lib/rubocop/cop/lint/deprecated_gem_version.rb
-  - ./lib/rubocop/cop/lint/module_enforce_notes.rb
-  - ./lib/rubocop/cop/lint/detect_invalid_pack_directives.rb
-  - ./lib/rubocop/cop/lint/detect_metadata_trailing_leading_whitespace.rb
-  - ./lib/rubocop/cop/lint/detect_outdated_cmd_exec_api.rb
-  - ./lib/rubocop/cop/lint/datastore_srvhost_usage.rb
-  - ./lib/rubocop/cop/lint/bare_check_code_in_non_exploit.rb
-
-Layout/SpaceBeforeBrackets:
-  Enabled: true
-
-Lint/AmbiguousAssignment:
-  Enabled: true
-
-Lint/DeprecatedConstants:
-  Enabled: true
-
-Lint/DuplicateBranch:
-  Description: >-
-    Disabled as it causes a lot of noise around our current exception/error handling
-  Enabled: false
-
-Lint/DuplicateRegexpCharacterClassElement:
-  Enabled: false
-
-Lint/EmptyBlock:
-  Enabled: false
-
-Lint/EmptyClass:
-  Enabled: false
-
-Lint/LambdaWithoutLiteralBlock:
-  Enabled: true
-
-Lint/NoReturnInBeginEndBlocks:
-  Enabled: true
-
-Lint/NumberedParameterAssignment:
-  Enabled: true
-
-Lint/OrAssignmentToConstant:
-  Enabled: true
-
-Lint/RedundantDirGlobSort:
-  Enabled: true
-
-Lint/SymbolConversion:
-  Enabled: true
-
-Lint/ToEnumArguments:
-  Enabled: true
-
-Lint/TripleQuotes:
-  Enabled: true
-
-Lint/UnexpectedBlockArity:
-  Enabled: true
-
-Lint/UnmodifiedReduceAccumulator:
-  Enabled: true
-
-Lint/UnusedMethodArgument:
-  Description: >-
-    Disabled on files under the lib/ directory (aka library files)
-    as this can break YARD documentation since YARD doesn't recognize
-    the _ prefix before parameter names and thinks its a different argument.
-    See https://github.com/rapid7/metasploit-framework/pull/17735
-    Also see https://github.com/rubocop/rubocop/pull/11020
-  Enabled: true
-  Exclude:
-    - 'lib/**/*'
-
-Style/ArgumentsForwarding:
-  Enabled: true
-
-Style/BlockComments:
-  Description: >-
-    Disabled as multiline comments are great for embedded code snippets/payloads that can
-    be copy/pasted directly into a terminal etc.
-  Enabled: false
-
-Style/CaseLikeIf:
-  Description: >-
-    This would cause a lot of noise, and potentially introduce subtly different code when
-    being auto fixed. Could potentially be enabled in isolation, but would require more
-    consideration.
-  Enabled: false
-
-Style/CollectionCompact:
-  Enabled: true
-
-Style/DocumentDynamicEvalDefinition:
-  Enabled: false
-
-Style/EndlessMethod:
-  Enabled: true
-
-Style/FormatStringToken:
-  Enabled: true
-  Exclude:
-  # We aren't ready to enable this for modules yet
-    - 'modules/**/*'
-
-Style/HashExcept:
-  Enabled: true
-
-Style/IfWithBooleanLiteralBranches:
-  Description: >-
-    Most of the time this is a valid replacement. Although it can generate subtly different
-    rewrites that might break code:
-      2.7.2 :001 > foo = nil
-      => nil
-      2.7.2 :002 > (foo && foo['key'] == 'foo') ? true : false
-      => false
-      2.7.2 :003 > foo && foo['key'] == 'foo'
-      => nil
-  Enabled: false
-
-Style/NegatedIfElseCondition:
-  Enabled: false
-
-Style/MultipleComparison:
-  Description: >-
-    Disabled as it generates invalid code:
-      https://github.com/rubocop-hq/rubocop/issues/9520
-    It may also introduce subtle semantic issues if automatically applied to the
-    entire codebase without rigorous testing.
-  Enabled: false
-
-Style/NilLambda:
-  Enabled: true
-
-Style/RedundantArgument:
-  Enabled: false
-
-Style/RedundantAssignment:
-  Description: >-
-    Disabled as it sometimes improves the readability of code having an explicitly named
-    response object, it also makes it easier to put a breakpoint between the assignment
-    and return expression
-  Enabled: false
-
-Style/RedundantParentheses:
-  Description: >-
-    Disabled as it sometimes improves the readability of code
-  Enabled: false
-
-Style/RedundantRegexpArgument:
-  Enabled: true
-  Exclude:
-  # We aren't ready to enable this for modules yet
-    - 'modules/**/*'
-
-Style/SwapValues:
-  Enabled: false
-
-Layout/LineContinuationLeadingSpace:
-  Description: >-
-    Disabled as it sometimes improves the readability of code having leading spaces
-    for indented code strings.
-  Enabled: false
-
-Layout/ModuleHashOnNewLine:
-  Enabled: true
-
-Layout/ModuleHashValuesOnSameLine:
-  Enabled: true
-
-Layout/ModuleDescriptionIndentation:
-  Enabled: true
-
-Lint/DetectInvalidPackDirectives:
-  Enabled: true
-
-Lint/ModuleDisclosureDateFormat:
-  Enabled: true
-
-Lint/ModuleDisclosureDatePresent:
-  Include:
-    # Only exploits require disclosure dates, but they can be present in auxiliary modules etc.
-    - 'modules/exploits/**/*'
-
-Lint/ModuleEnforceNotes:
-  Include:
-    # Only exploits and auxiliary modules require SideEffects to be listed.
-    - 'modules/exploits/**/*'
-    - 'modules/auxiliary/**/*'
-    - 'modules/post/**/*'
-
-Lint/DeprecatedGemVersion:
-  Enabled: true
-  Exclude:
-    - 'metasploit-framework.gemspec'
-
-Metrics/ModuleLength:
-  Description: 'Most Metasploit modules are quite large. This is ok.'
-  Enabled: false
-
-Metrics/ClassLength:
-  Description: 'Most Metasploit classes are quite large. This is ok.'
-  Enabled: false
-
-Style/ClassAndModuleChildren:
-  Enabled: false
-  Description: 'Forced nesting is harmful for grepping and general code comprehension'
-
-Metrics/AbcSize:
-  Enabled: false
-  Description: 'This is often a red-herring'
-
-Metrics/CyclomaticComplexity:
-  Enabled: false
-  Description: 'This is often a red-herring'
-
-Metrics/PerceivedComplexity:
-  Enabled: false
-  Description: 'This is often a red-herring'
-
-Metrics/BlockNesting:
-  Description: >-
-    This is a good rule to follow, but will cause a lot of overhead introducing this rule.
-  Enabled: false
-
-Metrics/ParameterLists:
-  Description: >-
-    This is a good rule to follow, but will cause a lot of overhead introducing this rule.
-    Increasing the max count for now
-  Max: 8
-
-Style/TernaryParentheses:
-  Enabled: false
-  Description: 'This outright produces bugs'
-
-Style/FrozenStringLiteralComment:
-  Enabled: false
-  Description: 'We cannot support this yet without a lot of things breaking'
-
-Style/MutableConstant:
-  Enabled: false
-  Description: 'We cannot support this yet without a lot of things breaking'
-
-Style/RedundantReturn:
-  Description: 'This often looks weird when mixed with actual returns, and hurts nothing'
-  Enabled: false
-
-Naming/HeredocDelimiterNaming:
-  Description: >-
-    Could be enabled in isolation with additional effort.
-  Enabled: false
-
-Naming/AccessorMethodName:
-  Description: >-
-    Disabled for now, as this naming convention is used in a lot of core library files.
-    Could be enabled in isolation with additional effort.
-  Enabled: false
-
-Naming/ConstantName:
-  Description: >-
-    Disabled for now, Metasploit is unfortunately too inconsistent with its naming to introduce
-    this. Definitely possible to enforce this in the future if need be.
-
-    Examples:
-        ManualRanking, LowRanking, etc.
-        NERR_ClientNameNotFound
-        HttpFingerprint
-        CachedSize
-        ErrUnknownTransferId
-  Enabled: false
-
-Naming/VariableNumber:
-  Description: 'To make it easier to use reference code, disable this cop'
-  Enabled: false
-
-Style/NumericPredicate:
-  Description: 'This adds no efficiency nor space saving'
-  Enabled: false
-
-Style/EvenOdd:
-  Description: 'This adds no efficiency nor space saving'
-  Enabled: false
-
-Style/FloatDivision:
-  Description: 'Not a safe rule to run on Metasploit without manual verification as the right hand side may be a string'
-  Enabled: false
-
-Style/FormatString:
-  Description: 'Not a safe rule to run on Metasploit without manual verification that the format is not redefined/shadowed'
-  Enabled: false
-
-Style/Documentation:
-  Enabled: true
-  Description: 'Most Metasploit modules do not have class documentation.'
-  Exclude:
-    - 'modules/**/*'
-    - 'test/modules/**/*'
-    - 'spec/file_fixtures/modules/**/*'
-
-Layout/FirstArgumentIndentation:
-  Enabled: true
-  EnforcedStyle: consistent
-  Description: 'Useful for the module hash to be indented consistently'
-
-Layout/ArgumentAlignment:
-  Enabled: true
-  EnforcedStyle: with_first_argument
-  Description: 'Useful for the module hash to be indented consistently'
-
-Layout/FirstHashElementIndentation:
-  Enabled: true
-  EnforcedStyle: consistent
-  Description: 'Useful for the module hash to be indented consistently'
-
-Layout/FirstHashElementLineBreak:
-  Enabled: true
-  Description: 'Enforce consistency by breaking hash elements on to new lines'
-
-Layout/SpaceInsideArrayLiteralBrackets:
-  Enabled: false
-  Description: 'Almost all module metadata have space in brackets'
-
-Style/GuardClause:
-  Enabled: false
-  Description: 'This often introduces bugs in tested code'
-
-Style/EmptyLiteral:
-  Enabled: false
-  Description: 'This looks awkward when you mix empty and non-empty literals'
-
-Style/NegatedIf:
-  Enabled: false
-  Description: 'This often introduces bugs in tested code'
-
-Style/ConditionalAssignment:
-  Enabled: false
-  Description: 'This is confusing for folks coming from other languages'
-
-Style/Encoding:
-  Description: 'We prefer binary to UTF-8.'
-  Enabled: false
-
-Style/ParenthesesAroundCondition:
-  Enabled: false
-  Description: 'This is used in too many places to discount, especially in ported code. Has little effect'
-
-Style/StringConcatenation:
-  Enabled: false
-  Description: >-
-    Disabled for now as it changes escape sequences when auto corrected:
-      https://github.com/rubocop/rubocop/issues/9543
-
-    Additionally seems to break with multiline string concatenation with trailing comments, example:
-      payload = "\x12" + # Size
-                "\x34" + # eip
-                "\x56"   # etc
-    With `rubocop -A` this will become:
-      payload = "\u00124V"    # etc
-
-Style/TrailingCommaInArrayLiteral:
-  Enabled: false
-  Description: 'This is often a useful pattern, and is actually required by other languages. It does not hurt.'
-
-Layout/LineLength:
-  Description: >-
-    Metasploit modules often pattern match against very
-    long strings when identifying targets.
-  Enabled: false
-
-Metrics/BlockLength:
-  Enabled: true
-  Description: >-
-    While the style guide suggests 10 lines, exploit definitions
-    often exceed 200 lines.
-  Max: 300
-
-Metrics/MethodLength:
-  Enabled: true
-  Description: >-
-    While the style guide suggests 10 lines, exploit definitions
-    often exceed 200 lines.
-  Max: 300
-
-Naming/MethodParameterName:
-  Enabled: true
-  Description: 'Whoever made this requirement never looked at crypto methods, IV'
-  MinNameLength: 2
-
-Naming/PredicateName:
-  Enabled: true
-  # Current methods that break the rule, so that we don't add additional methods that break the convention
-  AllowedMethods:
-    - has_additional_info?
-    - has_advanced_options?
-    - has_auth
-    - has_auto_target?
-    - has_bad_activex?
-    - has_badchars?
-    - has_chars?
-    - has_check?
-    - has_command?
-    - has_content_type_extension?
-    - has_datastore_cred?
-    - has_evasion_options?
-    - has_fatal_errors?
-    - has_fields
-    - has_files?
-    - has_flag?
-    - has_function_name?
-    - has_gcc?
-    - has_h2_headings
-    - has_input_name?
-    - has_j_security_check?
-    - has_key?
-    - has_match?
-    - has_module
-    - has_object_ref
-    - has_objects_list
-    - has_options?
-    - has_page?
-    - has_passphrase?
-    - has_pid?
-    - has_pkt_line_data?
-    - has_prereqs?
-    - has_privacy_waiver?
-    - has_privates?
-    - has_protected_mode_prompt?
-    - has_proxy?
-    - has_read_data?
-    - has_ref?
-    - has_required_args
-    - has_required_module_options?
-    - has_requirements
-    - has_rop?
-    - has_s_flag?
-    - has_service_cred?
-    - has_subscriber?
-    - has_subtree?
-    - has_text
-    - has_tlv?
-    - has_u_flag?
-    - has_users?
-    - has_vuln?
-    - has_waiver?
-    - have_auth_error?
-    - have_powershell?
-    - is_accessible?
-    - is_admin?
-    - is_alive?
-    - is_alpha_web_server?
-    - is_android?
-    - is_app_binom3?
-    - is_app_carlogavazzi?
-    - is_app_cnpilot?
-    - is_app_epaduo?
-    - is_app_epmp1000?
-    - is_app_infovista?
-    - is_app_ironport?
-    - is_app_metweblog?
-    - is_app_oilom?
-    - is_app_openmind?
-    - is_app_popad?
-    - is_app_radware?
-    - is_app_rfreader?
-    - is_app_sentry?
-    - is_app_sevone?
-    - is_app_splunk?
-    - is_app_ssl_vpn?
-    - is_array_type?
-    - is_auth_required?
-    - is_author_blacklisted?
-    - is_badchar
-    - is_base64?
-    - is_bind?
-    - is_cached_size_accurate?
-    - is_cgi_enabled?
-    - is_cgi_exploitable?
-    - is_check_interesting?
-    - is_child_of?
-    - is_clr_enabled
-    - is_connect?
-    - is_dlink?
-    - is_dn?
-    - is_dynamic?
-    - is_error_code
-    - is_exception?
-    - is_exploit_module?
-    - is_exploitable?
-    - is_fqdn?
-    - is_glob?
-    - is_groupwise?
-    - is_guest_mode_enabled?
-    - is_hash_from_empty_pwd?
-    - is_high_integrity?
-    - is_hostname?
-    - is_ie?
-    - is_imc?
-    - is_imc_som?
-    - is_in_admin_group?
-    - is_interface?
-    - is_ip_targeted?
-    - is_key_wanted?
-    - is_leaf?
-    - is_local?
-    - is_logged_in?
-    - is_loggedin
-    - is_loopback_address?
-    - is_mac?
-    - is_match
-    - is_md5_format?
-    - is_module_arch?
-    - is_module_platform?
-    - is_module_wanted?
-    - is_multi_platform_exploit?
-    - is_not_null?
-    - is_null_pointer
-    - is_null_pointer?
-    - is_num?
-    - is_num_type?
-    - is_numeric
-    - is_online?
-    - is_parseable
-    - is_pass_ntlm_hash?
-    - is_passwd_method?
-    - is_password_required?
-    - is_payload_compatible?
-    - is_payload_platform_compatible?
-    - is_pointer_type?
-    - is_pri_key?
-    - is_proficy?
-    - is_rdp_up
-    - is_remote_exploit?
-    - is_resource_taken?
-    - is_rf?
-    - is_rmi?
-    - is_root?
-    - is_routable?
-    - is_running?
-    - is_scan_complete
-    - is_secure_admin_disabled?
-    - is_session_type?
-    - is_signature_correct?
-    - is_single_object?
-    - is_struct_type?
-    - is_supermicro?
-    - is_superuser?
-    - is_sws?
-    - is_system?
-    - is_system_user?
-    - is_target?
-    - is_target_suitable?
-    - is_trial_enabled?
-    - is_trustworthy
-    - is_uac_enabled?
-    - is_url_alive
-    - is_usable?
-    - is_uuid?
-    - is_valid?
-    - is_valid_bus?
-    - is_valid_snmp_value
-    - is_value_wanted?
-    - is_version_compat?
-    - is_version_tested?
-    - is_vmware?
-    - is_vul
-    - is_vulnerable?
-    - is_warbird?
-    - is_windows?
-    - is_writable
-    - is_writable?
-    - is_x86?
-    - is_zigbee_hwbridge_session?
-
-# %q() is super useful for long strings split over multiple lines and
-# is very common in module constructors for things like descriptions
-Style/RedundantPercentQ:
-  Enabled: false
-
-Style/NumericLiterals:
-  Enabled: false
-  Description: 'This often hurts readability for exploit-ish code.'
-
-Layout/FirstArrayElementLineBreak:
-  Enabled: true
-  Description: 'This cop checks for a line break before the first element in a multi-line array.'
-
-Layout/FirstArrayElementIndentation:
-  Enabled: true
-  EnforcedStyle: consistent
-  Description: 'Useful to force values within the register_options array to have sane indentation'
-
-Layout/EmptyLinesAroundClassBody:
-  Enabled: false
-  Description: 'these are used to increase readability'
-
-Layout/EmptyLinesAroundMethodBody:
-  Enabled: true
-
-Layout/ExtraSpacingWithBinDataIgnored:
-  Description: 'Do not use unnecessary spacing.'
-  Enabled: true
-  # When true, allows most uses of extra spacing if the intent is to align
-  # things with the previous or next line, not counting empty lines or comment
-  # lines.
-  AllowForAlignment: false
-  # When true, allows things like 'obj.meth(arg)  # comment',
-  # rather than insisting on 'obj.meth(arg) # comment'.
-  # If done for alignment, either this OR AllowForAlignment will allow it.
-  AllowBeforeTrailingComments: true
-  # When true, forces the alignment of `=` in assignments on consecutive lines.
-  ForceEqualSignAlignment: false
-
-Style/For:
-  Enabled: false
-  Description: 'if a module is written with a for loop, it cannot always be logically replaced with each'
-
-Style/WordArray:
-  Enabled: false
-  Description: 'Metasploit prefers consistent use of []'
-
-Style/IfUnlessModifier:
-  Enabled: false
-  Description: 'This style might save a couple of lines, but often makes code less clear'
-
-Style/PercentLiteralDelimiters:
-  Description: 'Use `%`-literal delimiters consistently.'
-  Enabled: true
-  # Specify the default preferred delimiter for all types with the 'default' key
-  # Override individual delimiters (even with default specified) by specifying
-  # an individual key
-  PreferredDelimiters:
-    default: ()
-    '%i': '[]'
-    '%I': '[]'
-    '%r': '{}'
-    '%w': '[]'
-    '%W': '[]'
-    '%q': '{}' # Chosen for module descriptions as () are frequently used characters, whilst {} are rarely used
-  VersionChanged: '0.48.1'
-
-Style/RedundantBegin:
-  Enabled: true
-
-Style/SafeNavigation:
-  Description: >-
-    This cop transforms usages of a method call safeguarded by
-    a check for the existence of the object to
-    safe navigation (`&.`).
-
-    This has been disabled as in some scenarios it produced invalid code, and disobeyed the 'AllowedMethods'
-    configuration.
-  Enabled: false
-
-Style/UnpackFirst:
-  Description: >-
-    Disabling to make it easier to copy/paste `unpack('h*')` expressions from code
-    into a debugging REPL.
-  Enabled: false
-
-Lint/DetectMetadataTrailingLeadingWhitespace:
-  Enabled: true
-
-Lint/DetectOutdatedCmdExecApi:
-  Description: >-
-    Detects outdated usage of cmd_exec with separate arguments.
-    Use `create_process(executable, args: [], time_out: 15, opts: {})` API with an args array instead.
-  Enabled: true
-
-Lint/BareCheckCodeInNonExploit:
-  Description: >-
-    Use Exploit::CheckCode instead of bare CheckCode in non-exploit modules.
-    Bare CheckCode will raise a NameError at runtime in auxiliary, post, and evasion modules
-    because CheckCode is defined inside Msf::Exploit which is not in their ancestor chain.
-  Enabled: true
-  Include:
-    - 'modules/auxiliary/**/*'
-    - 'modules/post/**/*'
-    - 'modules/evasion/**/*'
@@ -1 +0,0 @@
-metasploit-framework
@@ -1 +0,0 @@
-3.3.8
@@ -1,57 +0,0 @@
-# RM_INFO is set when using Rubymine.  In Rubymine, starting SimpleCov is
-# controlled by running with coverage, so don't explicitly start coverage (and
-# therefore generate a report) when in Rubymine.  This _will_ generate a report
-# whenever `rake spec` is run.
-unless ENV['RM_INFO']
-	SimpleCov.start
-end
-
-SimpleCov.configure do
-  # ignore this file
-	add_filter '.simplecov'
-
-	#
-	# Changed Files in Git Group
-	# @see http://fredwu.me/post/35625566267/simplecov-test-coverage-for-changed-files-only
-	#
-
-	untracked = `git ls-files --exclude-standard --others`
-	unstaged = `git diff --name-only`
-	staged = `git diff --name-only --cached`
-	all = untracked + unstaged + staged
-	changed_filenames = all.split("\n")
-
-	add_group 'Changed' do |source_file|
-		changed_filenames.detect { |changed_filename|
-			source_file.filename.end_with?(changed_filename)
-		}
-	end
-
-	#
-	# Framework (msf) related groups
-	#
-
-	add_group 'Metasploit Framework', 'lib/msf'
-	add_group 'Metasploit Framework (Base)', 'lib/msf/base'
-	add_group 'Metasploit Framework (Core)', 'lib/msf/core'
-
-	#
-	# Other library groups
-	#
-
-	add_group 'Metasm', 'lib/metasm'
-	add_group 'PacketFu', 'lib/packetfu'
-	add_group 'Rex', 'lib/rex'
-	add_group 'RKelly', 'lib/rkelly'
-	add_group 'Ruby Mysql', 'lib/rbmysql'
-	add_group 'Ruby Postgres', 'lib/postgres'
-	add_group 'SNMP', 'lib/snmp'
-	add_group 'Zip', 'lib/zip'
-
-	#
-	# Specs are reported on to ensure that all examples are being run and all
-	# lets, befores, afters, etc are being used.
-	#
-
-	add_group 'Specs', 'spec'
-end
@@ -1,9 +0,0 @@
-version: v1.25.0
-ignore: {}
-patch: {}
-exclude:
-  global:
-    # exclude unit tests which contain hard coded passwords and encrypting keys for testing purposes.
-    - spec/
-    # exclude the source code to local exploits and utilities which have to be written in a particular way to exploit the vulnerabilities that we're targeting.
-    - external/source/
@@ -1,28 +0,0 @@
---
-include:
- "**/*.rb"
-exclude:
- spec/**/*
- test/**/*
- vendor/**/*
- ".bundle/**/*"
- modules/**/*
- data/**/*
- db/**/*
- external/**/*
- plugins/**/*
- scripts/**/* # Some of this is old and may not need indexing???
-require: []
-domains: []
-reporters:
- rubocop
- require_not_found
-formatter:
-  rubocop:
-    cops: safe
-    except: []
-    only: []
-    extra_args: []
-require_paths: []
-plugins: []
-max_files: 0
@@ -0,0 +1,8 @@
+language: ruby
+rvm:
+  #- '1.8.7'
+  - '1.9.3'
+
+notifications:
+  irc: "irc.freenode.org#msfnotify"
+
@@ -1,10 +0,0 @@
--protected
--exclude samples/
--exclude \.ut\.rb/
--exclude \.ts\.rb/
--files CONTRIBUTING.md,COPYING,LICENSE
-app/**/*.rb
-lib/msf/**/*.rb
-lib/metasploit/**/*.rb
-lib/rex/**/*.rb
-plugins/**/*.rb
@@ -1,122 +0,0 @@
-# AI Agent Instructions for Metasploit Framework
-
-## Project Overview
-
-Metasploit Framework is an open-source penetration testing and exploitation framework written in Ruby. It provides infrastructure for developing, testing, and executing exploit code against remote targets.
-
-## Project Structure
-
- `modules/` — Metasploit modules (exploits, auxiliary, post, payloads, encoders, evasion, nops)
- `lib/msf/` — Core framework library code
- `lib/rex/` — Rex (Ruby Exploitation) library
- `lib/metasploit/` — Metasploit namespace libraries
- `data/` — Data files used by modules (wordlists, templates, binaries)
- `spec/` — RSpec test suite
- `tools/` — Developer and operational tools
- `plugins/` — msfconsole plugins
- `scripts/` — Example automation scripts
-
-## Coding Conventions
-
- Ruby (see `.ruby-version` for the current version). Minimum supported: 3.1+
- Follow the project's `.rubocop.yml` configuration — run `rubocop` on changed files before submitting
- Run `ruby tools/dev/msftidy.rb <module_file_path>` to catch common module issues
- Add `# frozen_string_literal: true` to new files (the RuboCop cop is disabled project-wide for legacy code, but new files should include it)
- No enforced line length limit, but keep code readable
- Use `%q{}` for long multi-line strings (curly braces preferred for module descriptions)
- Multiline block comments are acceptable for embedded code snippets/payloads
- Don't use `get_`/`set_` prefixes for accessor methods in new code
- Method parameter names must be at least 2 characters (exception for well-known crypto abbreviations)
-
-### Module Development
-
- Prefer writing modules in Ruby. Go and Python modules are accepted, but their external runtimes don't support the full framework API (e.g. network pivoting). Ruby modules do not have this limitation
- Prefer using hash over an array for return values, and use kwargs for reusable APIs for future extensions
- Before writing a new module, check that there is not an existing module or open pull request that already covers the same functionality
- Each module should be in its own file under the appropriate `modules/` subdirectory. In some scenarios adding module actions or targets is preferred.
- Exploits require a `DisclosureDate` field
- Exploits, auxiliary, and post modules require `Notes` with `SideEffects`
- Use the module mixin APIs — don't reinvent the wheel
- Use `create_process(executable, args: [], time_out: 15, opts: {})` instead of the deprecated `cmd_exec` with separate arguments
- License new code with `MSF_LICENSE` (the project default, defined in `lib/msf/core/constants.rb`)
- When overriding `cleanup`, always call `super` to ensure the parent mixin chain cleans up connections and sessions properly
- When possible don't set a default payload (`DefaultOptions` with `'PAYLOAD'`) in modules — let the framework choose the most appropriate payload automatically
- New modules require an associated markdown file in the `documentation/modules` folder with the same structure, including steps to set up the vulnerable environment for testing
- Module descriptions or documentation should list the range of vulnerable versions and the fixed version of the affected software, when known
- `report_service` method called when a service can be reported
- `report_vuln` method called when a vuln can be reported
- When creating a fake account / username use FAKER not `rand_test_alphanumeric`
- Always use `res.get_json_document` to convert an HTTP response to a hash instead of calling `JSON.parse(res.body)`
- If there's only one `ACTION` in the exploit, it can likely be omitted.
- `Msf::Exploit::SQLi` should be used if it's exploiting an SQLi
- All `print_*` calls should start with a capital
- when opening a file, make sure the file exists first
- when checking for a string in a response - will it always be in english?
- Ensure hardcoded strings being regex'ed will be consistent across multiple versions
- Use the TEST-NET-1 range for example / non-routeable IP addresses in unit tests and spec files: `192.0.2.0`. Local/private IPs are fine in module documentation scenarios.
- Use fetch payload instead of command stagers when only options that request the stage are available (i.e. don’t use a cmd stager and only allow curl/wget).
- Define bad characters instead of explicitly base-64 encoding payloads
- Use `ARCH_CMD` payloads instead of command stagers when only curl/wget and other download mechanisms would be available
- Don’t check the number of sessions at the end of an exploit and report success based on that, not all payloads open sessions
- Don’t submit any kind of opaque binary blob, everything must include source code and build instructions
- Don’t print host information like `#{ip}:#{port}` because it doesn’t handle IPv6 addresses, instead use `#{Rex::Socket.to_authority(ip, port)}`
- Implement a `check` method when possible to allow users to verify vulnerability before exploitation
-
-### Check Methods
-
- `check` methods must only return `CheckCode` values (e.g. `CheckCode::Vulnerable`, `CheckCode::Safe`) — never raise exceptions or call `fail_with`
- When writing a `check` method, verify it does not produce false positives when run against unrelated software or services
- Prefer using `Rex::Version` for version checks
- Use `fail_with(Failure::UnexpectedReply, '...')` (and other `Failure::*` constants) to bail out of `exploit`/`run` methods — don't use `raise` or bare `return` for error conditions
- `get_version` methods should return a REX version
- `CheckCode::Vulnerable` is only used when the vulnerability has been exploited
- `CheckCode::Appears`  is only used when the application's versions has been checked`
- Use specific regular expressions or `res.get_html_document` for version extraction with CSS selectors. Don't use a generic selectors like `href .*` dot star to grab the version, be more precise.
- Do catch exceptions that may be raised and ensure a valid Check Code is returned
- Do research and determine a minimum version where the application is vulnerable, mark prior versions as safe
- Check helper methods that are used by both `#check` and `#exploit` (or `#run`) and make sure there is no condition (exception, return, etc) where `#check` could return something else than CheckCode.
- Prefer `prepend Msf::Exploit::Remote::AutoCheck` over manually calling `check` inside `exploit` — this lets the framework handle check-before-exploit automatically
-
-### Library Code
-
- When adding complex binary or protocol parsing (e.g. BinData, RASN1, Rex::Struct2), include a code comment linking to the specification or RFC that defines the format being implemented
- Write RSpec tests for any library changes
- Follow [Better Specs](http://www.betterspecs.org/) conventions
- Write YARD documentation for public methods
- Keep PRs focused — small fixes are easier to review
- Any new hash cracking implementations require adding a test hash to `tools/dev/hash_cracker_validator.rb` and ensuring that passes without error
-
-### Testing
-
- Tests live in `spec/` mirroring the `lib/` structure
- Run tests with: `bundle exec rspec spec/path/to/spec.rb`
-
-### Preferred Libraries
-
- Use the `RubySMB` library for SMB modules
- Use `Rex::Stopwatch.elapsed_time` to track elapsed time
- Use the `Rex::MIME::Message` class for MIME messages instead of hardcoding XML
- When creating random variable names prefer `Rex::RandomIdentifier::Generator` and specify the runtime language used. This avoids generating langauge keywords that would break the script.
-
-## Common Patterns
-
- Register options with `register_options` and `register_advanced_options`
- Use `SCREAMING_SNAKE_CASE` option names and `CamelCase` advanced option names
- Use `datastore['OPTION_NAME']` to access module options
- Use `print_status`, `print_good`, `print_error`, `print_warning` for console output
- Use `vprint_*` variants for verbose-only output
- Use `send_request_cgi` for HTTP requests in modules
- Use `connect` / `disconnect` for TCP socket operations
-
-## Before Submitting
-
- Ensure `rubocop` and `msftidy` pass on any changed files with no new offenses
- Ensure `ruby tools/dev/msftidy_docs.rb <documentation_file>` passes on any changed documentation markdown docs with no new offenses
-
-## What NOT to Do
-
- Don't submit untested code — all code must be manually verified
- Don't include sensitive information (IPs, credentials, API keys, hashes of credentials) in code or docs
- Don't include more than one module per pull request
- Don't add new scripts to `scripts/` — use post modules instead
- Don't use `pack`/`unpack` with invalid directives (enforced by linter)
@@ -1,52 +0,0 @@
-# Contributor Code of Conduct
-
-As contributors and maintainers of this project, and in the interest of
-fostering an open and welcoming community, we pledge to respect all people who
-contribute through reporting issues, posting feature requests, updating
-documentation, submitting pull requests or patches, and other activities.
-
-We are committed to making participation in this project a harassment-free
-experience for everyone, regardless of level of experience, gender, gender
-identity and expression, sexual orientation, disability, personal appearance,
-body size, race, ethnicity, age, religion, or nationality.
-
-Examples of unacceptable behavior by participants include:
-
-* The use of sexualized language or imagery
-* Personal attacks
-* Trolling or insulting/derogatory comments
-* Public or private harassment
-* Publishing other's private information, such as physical or electronic
-  addresses, without explicit permission
-* Other unethical or unprofessional conduct
-
-Project maintainers have the right and responsibility to remove, edit, or
-reject comments, commits, code, wiki edits, issues, and other contributions
-that are not aligned to this Code of Conduct, or to ban temporarily or
-permanently any contributor for other behaviors that they deem inappropriate,
-threatening, offensive, or harmful.
-
-By adopting this Code of Conduct, project maintainers commit themselves to
-fairly and consistently applying these principles to every aspect of managing
-this project. Project maintainers who do not follow or enforce the Code of
-Conduct may be permanently removed from the project team.
-
-This Code of Conduct applies both within project spaces and in public spaces
-when an individual is representing the project or its community.
-
-Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported by contacting the project maintainers at msfdev@metasploit.com. If
-the incident involves a committer, you may report it directly to
-smcintyre@metasploit.com or jacquelyn_harris@rapid7.com.
-
-All complaints will be reviewed and investigated and will result in a
-response that is deemed necessary and appropriate to the circumstances.
-Maintainers are obligated to maintain confidentiality with regard to the
-reporter of an incident.
-
-This Code of Conduct is adapted from the [Contributor Covenant][homepage],
-version 1.3.0, available at
-[http://contributor-covenant.org/version/1/3/0/][version]
-
-[homepage]: http://contributor-covenant.org
-[version]: http://contributor-covenant.org/version/1/3/0/
@@ -1,120 +1,38 @@
 # Contributing to Metasploit
-Thank you for your interest in making Metasploit -- and therefore, the
-world -- a better place!  Before you get started, please review our [Code of Conduct](./CODE_OF_CONDUCT.md). This helps us ensure our community is positive and supportive for everyone involved.

-## Code Free Contributions
-Before we get into the details of contributing code, you should know there are multiple ways you can add to Metasploit without any coding experience:
+## Reporting Bugs

- - You can [submit bugs and feature requests](https://github.com/rapid7/metasploit-framework/issues/new/choose) with detailed information about your issue or idea:
- 	- If you'd like to propose a feature, describe what you'd like to see. Mock ups of console views would be great.
- 	- If you're reporting a bug, please be sure to include the expected behaviour, the observed behaviour, and steps to reproduce the problem. Resource scripts, console copy-pastes, and any background on the environment you encountered the bug in would be appreciated. More information can be found [below](#bug-reports).
- - [Help fellow users with open issues](https://github.com/rapid7/metasploit-framework/issues). This can require technical knowledge, but you can also get involved in conversations about bug reports and feature requests. This is a great way to get involved without getting too overwhelmed!
- - [Help fellow committers test recently submitted pull requests](https://github.com/rapid7/metasploit-framework/pulls). Again this can require some technical skill, but by pulling down a pull request and testing it, you can help ensure our new code contributions for stability and quality.
- - [Report a security vulnerability in Metasploit itself] to Rapid7. If you see something you think makes Metasploit vulnerable to an attack, let us know!
- - Add [module documentation]. New documentation is always needed and cleaning up existing documents is just as important! If you're a non-native English speaker, you can help by replacing any ambiguous idioms, metaphors, or unclear language that might make our documentation hard to understand.
+If you would like to report a bug, please take a look at [our Redmine
+issue
+tracker](https://dev.metasploit.com/redmine/projects/framework/issues?query_id=420)
+-- your bug may already have been reported there! Simply [searching](https://dev.metasploit.com/redmine/projects/framework/search) for some appropriate keywords may save everyone a lot of hassle.

+If your bug is new and you'd like to report it you will need to
+[register
+first](https://dev.metasploit.com/redmine/account/register). Don't
+worry, it's easy and fun and takes about 30 seconds.

-## Code Contributions
-For those of you who are looking to add code to Metasploit, your first step is to set up a [development environment]. For a detailed reference of our coding conventions, project structure, and preferred patterns, see [AGENTS.md](./AGENTS.md). Once that's done, we recommend beginners start by adding a [proof-of-concept exploit from ExploitDB,](https://www.exploit-db.com/search?verified=true&hasapp=true&nomsf=true) as a new module to the Metasploit framework. These exploits have been verified as recreatable and their ExploitDB page includes a copy of the exploitable software. This makes testing your module locally much simpler, and most importantly the exploits don't have an existing Metasploit implementation. ExploitDB can be slow to update however, so please double check that there isn't an existing module before beginning development! If you're certain the exploit you've chosen isn't already in Metasploit, read our [writing an exploit guide](https://docs.metasploit.com/docs/development/developing-modules/guides/get-started-writing-an-exploit.html). It will help you to get started and avoid some common mistakes.
+When you file a bug report, please inclue your **steps to reproduce**,
+full copy-pastes of Ruby stack traces, and any relevant details about
+your environment. Without repro steps, your bug will likely be closed.
+With repro steps, your bugs will likely be fixed.

-Once you have finished your new module and tested it locally to ensure it's working as expected, check out our [guide for accepting modules](https://docs.metasploit.com/docs/development/maintainers/process/guidelines-for-accepting-modules-and-enhancements.html#module-additions). This will give you a good idea of how to clean up your code so that it's likely to get accepted.
+## Contributing Metasploit Modules

-Finally, follow our short list of do's and don'ts below to make sure your valuable contributions actually make it into Metasploit's master branch! We try to consider all our pull requests fairly and in detail, but if you do not follow these rules, your contribution
-will be closed. We need to ensure the code we're adding to master is written to a high standard.
+If you have an exploit that you'd like to contribute to the Metasploit
+Framework, please familiarize yourself with the
+**[HACKING](https://github.com/rapid7/metasploit-framework/blob/master/HACKING)**
+document in the
+Metasploit-Framework repository. There are many mysteries revealed in
+HACKING concerning code style and content.

-## Expedited Module Creation Process
-We strive to respect the community that has given us so much, so in the odd situation where we get multiple submissions for the same vulnerability, generally we will work with the first person who assigns themselves to the issue or the first person that submits a good-faith PR.  A good-faith PR might not even work, but it will show that the author is working their way toward a solution.  Despite this general rule, there are rare circumstances where we may ask a contributor to step aside or allow a committer to take the lead on the creation of a new module if a complete and working module with documents has not already been submitted.  This kind of expedited module creation process comes up infrequently, and usually it involves high-profile or high priority modules that we have marked internally as time-critical: think KEV list, active exploitation campaigns, CISA announcements, etc.  In those cases, we may ask a contributor that is assigned to the issue or who has submitted an incomplete module to allow a committer to take over an issue or a module PR in the interest of getting a module out quickly.  If a contributor has submitted an incomplete module, they will remain as a co-author of the module and we may build directly onto the PR they submitted, leaving the original commits in the tree.  We sincerely hope that the original author will remain involved in this expedited module creation process.  We would appreciate testing, critiquing, and any assistance that can be offered.  If the module is complete but requires minor changes, we may ask the contributor to allow us to take over testing/verification and make these minor changes without asking so we can land the module as quickly as possible.  In these cases of minor code changes, the authorship of the module will remain unchanged.  We hope everyone involved in this expedited module creation process continues to feel valued and appreciated.
+[Pull requests](https://github.com/rapid7/metasploit-framework/pulls)
+should corellate with modules at a 1:1 ratio
+-- there is rarely a good reason to have two, three, or ten modules on
+one pull request, as this dramatically increases the review time
+required to land (commit) any of those modules.

-## Vibecoding, AI, and LLM
-My first job had a token ring LAN and I still own a Win98SE CD, so I'm not entirely sure what _vibecoding_ is, but we're cool with any coding technique you use to create a PR as long as it is tested, documented, and does what it says it does.  Untested code is incomplete code, and incomplete code should be marked as a draft PR or WIP (Work in Progress) until it is complete, tested, and ready for a committer to review.  We have had several submissions clearly from AI that were well-formatted, looked really neat, and did nothing it said it did.  While we have no problem with AI-assisted coding, please do not assume that the code generated by an AI or LLM is logically or even syntactically correct.
-
-### Code Contribution Do's & Don'ts:
-Keeping the following in mind gives your contribution the best chance of landing!
-
-#### <u>Pull Requests</u>
-**Pull request [PR#9966] is a good example to follow.**
-
-* **Do** create a [topic branch] to work on instead of working directly on `master`. This helps to:
-	*  Protect the process.
-	* Ensures users are aware of commits on the branch being considered for merge.
-	* Allows for a location for more commits to be offered without mingling with other contributor changes.
-	* Allows contributors to make progress while a PR is still being reviewed.
-* **Do** follow the [50/72 rule] for Git commit messages.
-* **Do** write "WIP" on your PR and/or open a [draft PR] if submitting **working** yet unfinished code.
-* **Do** target your pull request to the **master branch**.
-* **Do** specify a descriptive title to make searching for your pull request easier.
-* **Do** include [console output], especially for effects that can be witnessed in the  `msfconsole`.
-* **Do** test your code and submit the test output in your PR with any sensitive information removed.
-* **Do** list [verification steps] so committers can test your code.
-* **Do** [reference associated issues] in your pull request description.
-* **Don't** leave your pull request description blank.
-* **Don't** include sensitive information in your PR (including externally-routable IP addresses in documentation).
-* **Don't** PR untested/unvalidated code you copy/pasted from the internet.
-* **Don't** PR untested/unvalidated code you copy/pasted from AI or LLM.
-* **Don't** abandon your pull request. Being responsive helps us land your code faster.
-* **Don't** post questions in older closed PRs.
-
-#### <u>New Modules</u>
-* **Do** check the issue tracker to see if there is a `suggestion-module` issue for the module you want to write, and assign yourself to it if there is.
-* **Do** license your code as BSD 3-clause, BSD 2-clause, or MIT.
-* **Do** stick to the [Ruby style guide] and use [Rubocop] to find common style issues.
-* **Do** set up `msftidy` to fix any errors or warnings that come up as a [pre-commit hook].
-* **Do** use the many module mixin [API]s.
-* **Do** include instructions on how to setup the vulnerable environment or software.
-* **Do** include [Module Documentation] showing sample run-throughs.
-* **Do** ask cve@rapid7.com for a CVE ID if this describes a new vulnerability (remember to mention your PR number!)
-* **Don't** include more than one module per pull request.
-* **Don't** submit new [scripts].  Scripts are shipped as examples for automating local tasks, and anything "serious" can be done with post modules and local exploits.
-
-#### <u>Library Code</u>
-* **Do** write [RSpec] tests - even the smallest change in a library can break existing code.
-* **Do** follow [Better Specs] - it's like the style guide for specs.
-* **Do** write [YARD] documentation - this makes it easier for people to use your code.
-* **Don't** fix a lot of things in one pull request. Small fixes are easier to validate.
-
-#### <u>Bug Fixes</u>
-* **Do** include reproduction steps in the form of verification steps.
-* **Do** link to any corresponding [Issues] in the format of `See #1234` in your commit description.
-
-## Bug Reports
-
-Please report vulnerabilities in Rapid7 software directly to security@rapid7.com. For more on our disclosure policy and Rapid7's approach to coordinated disclosure, [head over here](https://www.rapid7.com/security).
-
-When reporting Metasploit issues:
-* **Do** write a detailed description of your bug and use a descriptive title.
-* **Do** include reproduction steps, stack traces, and anything that might help us fix your bug.
-* **Don't** file duplicate reports; search for your bug before filing a new report.
-* **Don't** attempt to report issues on a closed PR.
-
-If you need some more guidance, talk to the main body of open source contributors over on our
-[GitHub Discussions](https://github.com/rapid7/metasploit-framework/discussions) or [Metasploit Slack]
-
-Finally, **thank you** for taking the few moments to read this far! You're already way ahead of the
-curve, so keep it up!
-
-[Code of Conduct]:https://docs.metasploit.com/docs/code-of-conduct.html
-[Submit bugs and feature requests]:http://r-7.co/MSF-BUGv1
-[Help fellow users with open issues]:https://github.com/rapid7/metasploit-framework/issues
-[help fellow committers test recently submitted pull requests]:https://github.com/rapid7/metasploit-framework/pulls
-[Report a security vulnerability in Metasploit itself]:https://www.rapid7.com/disclosure.jsp
-[development environment]:http://r-7.co/MSF-DEV
-[proof-of-concept exploits]:https://www.exploit-db.com/search?verified=true&hasapp=true&nomsf=true
-[Ruby style guide]:https://github.com/bbatsov/ruby-style-guide
-[Rubocop]:https://rubygems.org/search?query=rubocop
-[50/72 rule]:http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html
-[topic branch]:http://git-scm.com/book/en/Git-Branching-Branching-Workflows#Topic-Branches
-[draft PR]:https://help.github.com/en/articles/about-pull-requests#draft-pull-requests
-[console output]:https://docs.github.com/en/free-pro-team@latest/github/writing-on-github/creating-and-highlighting-code-blocks#fenced-code-blocks
-[verification steps]:https://docs.github.com/en/free-pro-team@latest/github/writing-on-github/basic-writing-and-formatting-syntax#task-lists
-[reference associated issues]:https://github.com/blog/1506-closing-issues-via-pull-requests
-[PR#9966]:https://github.com/rapid7/metasploit-framework/pull/9966
-[pre-commit hook]:https://github.com/rapid7/metasploit-framework/blob/master/tools/dev/pre-commit-hook.rb
-[API]:https://rapid7.github.io/metasploit-framework/api
-[module documentation]:https://docs.metasploit.com/docs/using-metasploit/basics/module-documentation.html
-[scripts]:https://github.com/rapid7/metasploit-framework/tree/master/scripts
-[RSpec]:http://rspec.info
-[Better Specs]:http://www.betterspecs.org/
-[YARD]:http://yardoc.org
-[Issues]:https://github.com/rapid7/metasploit-framework/issues
-[Metasploit Slack]:https://www.metasploit.com/slack
-[#metasploit on Freenode IRC]:http://webchat.freenode.net/?channels=%23metasploit&uio=d4
+Pull requests tend to be very collaborative for Metasploit -- do not be
+surprised if your pull request to rapid7/metasploit-framework triggers a
+pull request back to your own fork. In this way, we can isolate working
+changes before landing your PR to the Metasploit master branch.
@@ -1,19 +1,19 @@
-Copyright (C) 2006-2026, Rapid7, Inc.
+Copyright (C) 2006-2013, Rapid7 Inc.
 All rights reserved.

 Redistribution and use in source and binary forms, with or without modification,
 are permitted provided that the following conditions are met:

    * Redistributions of source code must retain the above copyright notice,
-    this list of conditions and the following disclaimer.
+	  this list of conditions and the following disclaimer.

    * Redistributions in binary form must reproduce the above copyright notice,
-    this list of conditions and the following disclaimer in the documentation
-    and/or other materials provided with the distribution.
+	  this list of conditions and the following disclaimer in the documentation
+	  and/or other materials provided with the distribution.

-    * Neither the name of Rapid7, Inc. nor the names of its contributors
-    may be used to endorse or promote products derived from this software
-    without specific prior written permission.
+    * Neither the name of Rapid7 LLC nor the names of its contributors
+	  may be used to endorse or promote products derived from this software
+	  without specific prior written permission.

 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
 ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
@@ -30,7 +30,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

 The Metasploit Framework is provided under the 3-clause BSD license above.

-The copyright on this package is held by Rapid7, Inc.
+The copyright on this package is held by Rapid7 LLC.

 This license does not apply to several components within the Metasploit
 Framework source tree.  For more details see the LICENSE file.
@@ -1,20 +0,0 @@
-Active Metasploit 5 development will sometimes push aggressive changes.
-Integrations with 3rd-party tools, as well as general usage, may change quickly
-from day to day. Some of the steps for dealing with major changes will be
-documented here. We will continue to maintain the Metasploit 4.x branch until
-Metasploit 5.0 is released.
-
-**2018/01/17 - [internal] module cache reworked to not store metadata in PostgreSQL**
-
-Metasploit no longer stores module metadata in a PostgreSQL database, instead
-storing it in a cache file in your local ~/.msf4 config directory. This has a
-number of advantages:
-
- * Fast searches whether you have the database enabled or not (no more slow search mode)
- * Faster load time for msfconsole, the cache loads more quickly
- * Private module data is not uploaded to a shared database, no collisions
- * Adding or deleting modules no longer displays file-not-found error messages on start in msfconsole
- * Reduced memory consumption
-
-Code that reads directly from the Metasploit database for module data will need
-to use the new module search API.
@@ -1,102 +0,0 @@
-FROM ruby:3.3.8-alpine3.21 AS builder
-LABEL maintainer="Rapid7"
-
-ARG BUNDLER_CONFIG_ARGS="set force_ruby_platform 'true' set no-cache 'true' set system 'true' set without 'development test coverage'"
-ARG BUNDLER_FORCE_CLEAN="true"
-ENV APP_HOME=/usr/src/metasploit-framework
-ENV TOOLS_HOME=/usr/src/tools
-ENV BUNDLE_IGNORE_MESSAGES="true"
-WORKDIR $APP_HOME
-
-COPY Gemfile* metasploit-framework.gemspec Rakefile $APP_HOME/
-COPY lib/metasploit/framework/version.rb $APP_HOME/lib/metasploit/framework/version.rb
-COPY lib/metasploit/framework/rails_version_constraint.rb $APP_HOME/lib/metasploit/framework/rails_version_constraint.rb
-COPY lib/msf/util/helper.rb $APP_HOME/lib/msf/util/helper.rb
-
-RUN apk add --no-cache \
-      autoconf \
-      bash \
-      bison \
-      build-base \
-      curl \
-      ruby-dev \
-      openssl-dev \
-      readline-dev \
-      sqlite-dev \
-      postgresql-dev \
-      libffi-dev \
-      libpcap-dev \
-      libxml2-dev \
-      libxslt-dev \
-      yaml-dev \
-      zlib-dev \
-      ncurses-dev \
-      git \
-      go \
-    && echo "gem: --no-document" > /etc/gemrc \
-    && gem update --system \
-    && bundle config $BUNDLER_CONFIG_ARGS \
-    && bundle install --jobs=8 \
-    && if [ "${BUNDLER_FORCE_CLEAN}" == "true" ]; then \
-         bundle clean --force; \
-       fi \
-    # temp fix for https://github.com/bundler/bundler/issues/6680
-    && rm -rf /usr/local/bundle/cache \
-    # needed so non root users can read content of the bundle
-    && chmod -R a+r /usr/local/bundle
-
-ENV GO111MODULE=off
-RUN mkdir -p $TOOLS_HOME/bin && \
-    cd $TOOLS_HOME/bin && \
-    curl -O https://dl.google.com/go/go1.24.0.src.tar.gz && \
-    tar -zxf go1.24.0.src.tar.gz && \
-    rm go1.24.0.src.tar.gz && \
-    cd go/src && \
-    ./make.bash
-
-FROM ruby:3.3.8-alpine3.21
-LABEL maintainer="Rapid7"
-ARG TARGETARCH
-
-ENV APP_HOME=/usr/src/metasploit-framework
-ENV TOOLS_HOME=/usr/src/tools
-ENV NMAP_PRIVILEGED=""
-ENV METASPLOIT_GROUP=metasploit
-
-# used for the copy command
-RUN addgroup -S $METASPLOIT_GROUP
-
-RUN apk add --no-cache curl bash sqlite-libs nmap nmap-scripts nmap-nselibs \
-    postgresql-libs python3 py3-pip py3-impacket py3-requests ncurses libcap su-exec alpine-sdk \
-    openssl-dev nasm
-RUN\
-    if [ "${TARGETARCH}" = "arm64" ];\
-	then apk add --no-cache gcc musl-dev python3-dev libffi-dev gcompat;\
-    else apk add --no-cache mingw-w64-gcc;\
-    fi
-
-RUN /usr/sbin/setcap cap_net_raw,cap_net_bind_service=+eip $(which ruby)
-RUN /usr/sbin/setcap cap_net_raw,cap_net_bind_service=+eip $(which nmap)
-
-COPY --from=builder /usr/local/bundle /usr/local/bundle
-RUN chown -R root:metasploit /usr/local/bundle
-COPY . $APP_HOME/
-COPY --from=builder $TOOLS_HOME $TOOLS_HOME
-RUN chown -R root:metasploit $APP_HOME/
-RUN chmod 664 $APP_HOME/Gemfile.lock
-RUN gem update --system
-RUN cp -f $APP_HOME/docker/database.yml $APP_HOME/config/database.yml
-
-ENV GOPATH=$TOOLS_HOME/go
-ENV GOROOT=$TOOLS_HOME/bin/go
-ENV PATH=${PATH}:${GOPATH}/bin:${GOROOT}/bin
-
-WORKDIR $APP_HOME
-
-# we need this entrypoint to dynamically create a user
-# matching the hosts UID and GID so we can mount something
-# from the users home directory. If the IDs don't match
-# it results in access denied errors.
-ENTRYPOINT ["docker/entrypoint.sh"]
-
-CMD ["./msfconsole", "-r", "docker/msfconsole.rc", "-y", "$APP_HOME/config/database.yml"]
@@ -1,58 +1,30 @@
-source 'https://rubygems.org'
-# Add default group gems to `metasploit-framework.gemspec`:
-#   spec.add_runtime_dependency '<name>', [<version requirements>]
-gemspec name: 'metasploit-framework'
+source 'http://rubygems.org'

-# separate from test as simplecov is not run on travis-ci
-group :coverage do
-  # code coverage for tests
-  gem 'simplecov', '0.18.2'
-end
+# Need 3+ for ActiveSupport::Concern
+gem 'activesupport', '>= 3.0.0'
+# Needed for Msf::DbManager
+gem 'activerecord'
+# Database models shared between framework and Pro.
+gem 'metasploit_data_models', :git => 'git://github.com/rapid7/metasploit_data_models.git', :tag => '0.3.0'
+# Needed for module caching in Mdm::ModuleDetails
+gem 'pg', '>= 0.11'

 group :development do
  # Markdown formatting for yard
  gem 'redcarpet'
  # generating documentation
  gem 'yard'
-  # for development and testing purposes
-  gem 'pry-byebug'
-  # Ruby Debugging Library - rebuilt and included by default from Ruby 3.1 onwards.
-  # Replaces the old lib/debug.rb and provides more features.
-  gem 'debug', '>= 1.0.0'
-  # module documentation
-  gem 'octokit'
-  # memory profiling
-  gem 'memory_profiler'
-  # cpu profiling
-  gem 'ruby-prof'
-  # Metasploit::Aggregator external session proxy
-  # disabled during 2.5 transition until aggregator is available
-  # gem 'metasploit-aggregator'
 end

 group :development, :test do
-  # For ./tools/dev/update_gem_licenses.sh
-  gem 'license_finder', '5.11.1'
  # running documentation generation tasks and rspec tasks
  gem 'rake'
-  # Define `rake spec`.  Must be in development AND test so that its available by default as a rake test when the
-  # environment is development
-  gem 'rspec-rails'
-  gem 'rspec-rerun'
-  # Required during CI as well local development
-  gem 'rubocop', '1.75.7'
 end

 group :test do
-  # automatically include factories from spec/factories
-  gem 'test-prof'
-  gem 'factory_bot_rails'
-  # Make rspec output shorter and more useful
-  gem 'fivemat'
-  # rspec formatter for acceptance tests
-  gem 'allure-rspec'
-  # Manipulate Time.now in specs
-  gem 'timecop'
-  # stub and set expectations on HTTP requests
-  gem 'webmock', '~> 3.18'
+  # testing framework
+  gem 'rspec', '>= 2.12'
+  # code coverage for tests
+  # any version newer than 0.5.4 gives an Encoding error when trying to read the source files.
+  gem 'simplecov', '0.5.4', :require => false
 end
@@ -1,35 +0,0 @@
-##
-# Example Gemfile.local file for Metasploit Framework
-#
-# The Gemfile.local file provides a way to use other gems that are not
-# included in the standard Gemfile provided with Metasploit.
-# This filename is included in Metasploit's .gitignore file, so local changes
-# to this file will not accidentally show up in future pull requests. This
-# example Gemfile.local includes all gems in Gemfile using instance_eval.
-# It also creates a new bundle group, 'local', to hold additional gems.
-#
-# This file will not be used by default within the framework. As such, one
-# must first install the custom Gemfile.local with bundle:
-#   bundle install --gemfile Gemfile.local
-#
-# Note that msfupdate does not consider Gemfile.local when updating the
-# framework. If it is used, it may be necessary to run the above bundle
-# command after the update.
-#
-###
-
-# Include the Gemfile included with the framework. This is very
-# important for picking up new gem dependencies.
-msf_gemfile = File.join(File.dirname(__FILE__), 'Gemfile')
-if File.readable?(msf_gemfile)
-  instance_eval(File.read(msf_gemfile))
-end
-
-# Create a custom group
-group :local do
-  # This is the first way to add a non-standard gem file dependency in.
-  gem 'lab', '~> 0.2.7'
-  # And this is another way that references local directories to find and compile the gem file as needed.
-  # This is the optimal method for testing Gem PRs such as those in rex-text or rex-powershell.
-  gem 'rex-powershell', path: '../rex-powershell'
-end
@@ -1,720 +1,68 @@
-PATH
-  remote: .
+GIT
+  remote: git://github.com/rapid7/metasploit_data_models.git
+  revision: 73f26789500f278dd6fd555e839d09a3b81a05f4
+  tag: 0.3.0
  specs:
-    metasploit-framework (6.4.133)
-      aarch64
-      abbrev
-      actionpack (~> 7.2.0)
-      activerecord (~> 7.2.0)
-      activesupport (~> 7.2.0)
-      aws-sdk-ec2
-      aws-sdk-ec2instanceconnect
-      aws-sdk-iam
-      aws-sdk-s3
-      aws-sdk-ssm
-      base64
-      bcrypt
-      bcrypt_pbkdf
-      benchmark
-      bigdecimal
-      bootsnap
-      bson
-      chunky_png
-      csv
-      date (= 3.4.1)
-      dnsruby
-      drb
-      ed25519
-      elftools
-      em-http-request
-      eventmachine
-      faker
-      faraday
-      faraday-retry
-      faye-websocket
-      ffi (< 1.17.0)
-      fiddle
-      filesize
-      getoptlong
-      hrr_rb_ssh-ed25519
-      http-cookie
-      irb
-      jsobfu
-      json
-      lru_redux
-      mcp (= 0.13.0)
-      metasm
-      metasploit-concern
-      metasploit-credential (>= 6.0.21)
-      metasploit-model
-      metasploit-payloads (= 2.0.245)
-      metasploit_data_models (>= 6.0.15)
-      metasploit_payloads-mettle (= 1.0.46)
-      mqtt
-      msgpack (~> 1.6.0)
-      mutex_m
-      nessus_rest
-      net-imap
-      net-ldap
-      net-sftp
-      net-smtp
-      net-ssh
-      network_interface
-      nexpose
-      nokogiri
-      octokit
-      openssl-ccm
-      openvas-omp
-      ostruct
-      packetfu
-      parallel
-      patch_finder
-      pcaprub
-      pdf-reader
+    metasploit_data_models (0.3.0)
+      activerecord
+      activesupport
      pg
-      puma
-      rack (~> 2.2)
-      railties
-      rasn1 (= 0.14.0)
-      rb-readline
-      recog
-      redcarpet
-      reline
-      rest-client
-      rex-arch
-      rex-bin_tools
-      rex-core
-      rex-encoder
-      rex-exploitation
-      rex-java
-      rex-mime
-      rex-nop
-      rex-ole
-      rex-powershell
-      rex-random_identifier
-      rex-registry
-      rex-rop_builder
-      rex-socket
-      rex-sslscan
-      rex-struct2
-      rex-text
-      rex-zip
-      rexml (= 3.4.1)
-      rinda
-      ruby-macho
-      ruby-mysql
-      ruby_smb (~> 3.3.17)
-      rubyntlm
-      rubyzip
-      sinatra (~> 3.2)
-      sqlite3 (= 1.7.3)
-      sshkey
-      stringio (= 3.1.1)
-      swagger-blocks
-      syslog
-      thin (~> 1.x)
-      tzinfo
-      tzinfo-data
-      unix-crypt
-      warden
-      win32api
-      windows_error
-      winrm
-      xdr
-      xmlrpc
-      zeitwerk
+      pry

 GEM
-  remote: https://rubygems.org/
+  remote: http://rubygems.org/
  specs:
-    Ascii85 (2.0.1)
-    aarch64 (2.1.0)
-      racc (~> 1.6)
-    abbrev (0.1.2)
-    actionpack (7.2.2.2)
-      actionview (= 7.2.2.2)
-      activesupport (= 7.2.2.2)
-      nokogiri (>= 1.8.5)
-      racc
-      rack (>= 2.2.4, < 3.2)
-      rack-session (>= 1.0.1)
-      rack-test (>= 0.6.3)
-      rails-dom-testing (~> 2.2)
-      rails-html-sanitizer (~> 1.6)
-      useragent (~> 0.16)
-    actionview (7.2.2.2)
-      activesupport (= 7.2.2.2)
-      builder (~> 3.1)
-      erubi (~> 1.11)
-      rails-dom-testing (~> 2.2)
-      rails-html-sanitizer (~> 1.6)
-    activemodel (7.2.2.2)
-      activesupport (= 7.2.2.2)
-    activerecord (7.2.2.2)
-      activemodel (= 7.2.2.2)
-      activesupport (= 7.2.2.2)
-      timeout (>= 0.4.0)
-    activesupport (7.2.2.2)
-      base64
-      benchmark (>= 0.3)
-      bigdecimal
-      concurrent-ruby (~> 1.0, >= 1.3.1)
-      connection_pool (>= 2.2.5)
-      drb
-      i18n (>= 1.6, < 2)
-      logger (>= 1.4.2)
-      minitest (>= 5.1)
-      securerandom (>= 0.3)
-      tzinfo (~> 2.0, >= 2.0.5)
-    addressable (2.8.7)
-      public_suffix (>= 2.0.2, < 7.0)
-    afm (0.2.2)
-    allure-rspec (2.27.0)
-      allure-ruby-commons (= 2.27.0)
-      rspec-core (>= 3.8, < 4)
-    allure-ruby-commons (2.27.0)
-      mime-types (>= 3.3, < 4)
-      require_all (>= 2, < 4)
-      rspec-expectations (~> 3.12)
-    arel-helpers (2.16.0)
-      activerecord (>= 3.1.0, < 8.1)
-    ast (2.4.3)
-    aws-eventstream (1.3.2)
-    aws-partitions (1.1065.0)
-    aws-sdk-core (3.220.1)
-      aws-eventstream (~> 1, >= 1.3.0)
-      aws-partitions (~> 1, >= 1.992.0)
-      aws-sigv4 (~> 1.9)
-      base64
-      jmespath (~> 1, >= 1.6.1)
-    aws-sdk-ec2 (1.511.0)
-      aws-sdk-core (~> 3, >= 3.216.0)
-      aws-sigv4 (~> 1.5)
-    aws-sdk-ec2instanceconnect (1.55.0)
-      aws-sdk-core (~> 3, >= 3.216.0)
-      aws-sigv4 (~> 1.5)
-    aws-sdk-iam (1.119.0)
-      aws-sdk-core (~> 3, >= 3.216.0)
-      aws-sigv4 (~> 1.5)
-    aws-sdk-kms (1.99.0)
-      aws-sdk-core (~> 3, >= 3.216.0)
-      aws-sigv4 (~> 1.5)
-    aws-sdk-s3 (1.182.0)
-      aws-sdk-core (~> 3, >= 3.216.0)
-      aws-sdk-kms (~> 1)
-      aws-sigv4 (~> 1.5)
-    aws-sdk-ssm (1.191.0)
-      aws-sdk-core (~> 3, >= 3.216.0)
-      aws-sigv4 (~> 1.5)
-    aws-sigv4 (1.11.0)
-      aws-eventstream (~> 1, >= 1.0.2)
-    base64 (0.3.0)
-    bcrypt (3.1.20)
-    bcrypt_pbkdf (1.1.1)
-    benchmark (0.4.1)
-    bigdecimal (3.3.1)
-    bindata (2.4.15)
-    bootsnap (1.18.4)
-      msgpack (~> 1.2)
-    bson (5.1.1)
-    builder (3.3.0)
-    byebug (12.0.0)
-    chunky_png (1.4.0)
-    coderay (1.1.3)
-    concurrent-ruby (1.3.5)
-    connection_pool (2.5.4)
-    cookiejar (0.3.4)
-    crack (1.0.1)
-      bigdecimal
-      rexml
-    crass (1.0.6)
-    csv (3.3.2)
-    daemons (1.4.1)
-    date (3.4.1)
-    debug (1.11.0)
-      irb (~> 1.10)
-      reline (>= 0.3.8)
-    diff-lcs (1.6.2)
-    dnsruby (1.73.1)
-      base64 (>= 0.2)
-      logger (~> 1.6)
-      simpleidn (~> 0.2.1)
-    docile (1.4.1)
-    domain_name (0.6.20240107)
-    drb (2.2.3)
-    ed25519 (1.4.0)
-    elftools (1.3.1)
-      bindata (~> 2)
-    em-http-request (1.1.7)
-      addressable (>= 2.3.4)
-      cookiejar (!= 0.3.1)
-      em-socksify (>= 0.3)
-      eventmachine (>= 1.0.3)
-      http_parser.rb (>= 0.6.0)
-    em-socksify (0.3.3)
-      base64
-      eventmachine (>= 1.0.0.beta.4)
-    erb (5.0.3)
-    erubi (1.13.1)
-    eventmachine (1.2.7)
-    factory_bot (6.5.5)
-      activesupport (>= 6.1.0)
-    factory_bot_rails (6.5.1)
-      factory_bot (~> 6.5)
-      railties (>= 6.1.0)
-    faker (3.5.1)
-      i18n (>= 1.8.11, < 2)
-    faraday (2.7.11)
-      base64
-      faraday-net_http (>= 2.0, < 3.1)
-      ruby2_keywords (>= 0.0.4)
-    faraday-net_http (3.0.2)
-    faraday-retry (2.2.1)
-      faraday (~> 2.0)
-    faye-websocket (0.11.3)
-      eventmachine (>= 0.12.0)
-      websocket-driver (>= 0.5.1)
-    ffi (1.16.3)
-    fiddle (1.1.6)
-    filesize (0.2.0)
-    fivemat (1.3.7)
-    forwardable (1.3.3)
-    getoptlong (0.2.1)
-    gssapi (1.3.1)
-      ffi (>= 1.0.1)
-    gyoku (1.4.0)
-      builder (>= 2.1.2)
-      rexml (~> 3.0)
-    hashdiff (1.2.1)
-    hashery (2.1.2)
-    hrr_rb_ssh (0.4.2)
-    hrr_rb_ssh-ed25519 (0.4.2)
-      ed25519 (~> 1.2)
-      hrr_rb_ssh (>= 0.4)
-    http-accept (1.7.0)
-    http-cookie (1.0.8)
-      domain_name (~> 0.5)
-    http_parser.rb (0.8.0)
-    httpclient (2.9.0)
-      mutex_m
-    i18n (1.14.7)
-      concurrent-ruby (~> 1.0)
-    io-console (0.8.1)
-    ipaddr (1.2.7)
-    irb (1.15.2)
-      pp (>= 0.6.0)
-      rdoc (>= 4.0.0)
-      reline (>= 0.4.2)
-    jmespath (1.6.2)
-    jsobfu (0.4.2)
-      rkelly-remix
-    json (2.15.1)
-    json-schema (6.2.0)
-      addressable (~> 2.8)
-      bigdecimal (>= 3.1, < 5)
-    language_server-protocol (3.17.0.5)
-    license_finder (5.11.1)
-      bundler
-      rubyzip (>= 1, < 3)
-      thor
-      toml (= 0.2.0)
-      with_env (= 1.1.0)
-      xml-simple
-    lint_roller (1.1.0)
-    little-plugger (1.1.4)
-    logger (1.7.0)
-    logging (2.4.0)
-      little-plugger (~> 1.1)
-      multi_json (~> 1.14)
-    loofah (2.24.1)
-      crass (~> 1.0.2)
-      nokogiri (>= 1.12.0)
-    lru_redux (1.1.0)
-    mcp (0.13.0)
-      json-schema (>= 4.1)
-    memory_profiler (1.1.0)
-    metasm (1.0.5)
-    metasploit-concern (5.0.5)
-      activemodel (~> 7.0)
-      activesupport (~> 7.0)
-      drb
-      mutex_m
-      railties (~> 7.0)
-      zeitwerk
-    metasploit-credential (6.0.23)
-      bigdecimal
-      csv
-      drb
-      metasploit-concern
-      metasploit-model
-      metasploit_data_models (>= 5.0.0)
-      mutex_m
-      net-ssh
-      pg
-      railties
-      rex-socket
-      rubyntlm
-      rubyzip (< 3.0.0)
-    metasploit-model (5.0.4)
-      activemodel (~> 7.0)
-      activesupport (~> 7.0)
-      bigdecimal
-      drb
-      mutex_m
-      railties (~> 7.0)
-    metasploit-payloads (2.0.245)
-    metasploit_data_models (6.0.18)
-      activerecord (>= 7.0, < 8.1)
-      activesupport (>= 7.0, < 8.1)
-      arel-helpers
-      bigdecimal
-      drb
-      metasploit-concern
-      metasploit-model (>= 5.0.4)
-      mutex_m
-      pg
-      railties (>= 7.0, < 8.1)
-      recog
-      webrick
-    metasploit_payloads-mettle (1.0.46)
-    method_source (1.1.0)
-    mime-types (3.7.0)
-      logger
-      mime-types-data (~> 3.2025, >= 3.2025.0507)
-    mime-types-data (3.2025.0924)
-    mini_portile2 (2.8.9)
-    minitest (5.25.5)
-    mqtt (0.7.0)
-      logger
-    msgpack (1.6.1)
-    multi_json (1.15.0)
-    mustermann (3.0.3)
-      ruby2_keywords (~> 0.0.1)
-    mutex_m (0.3.0)
-    nessus_rest (0.1.6)
-    net-imap (0.5.6)
-      date
-      net-protocol
-    net-ldap (0.19.0)
-    net-protocol (0.2.2)
-      timeout
-    net-sftp (4.0.0)
-      net-ssh (>= 5.0.0, < 8.0.0)
-    net-smtp (0.5.1)
-      net-protocol
-    net-ssh (7.3.0)
-    netrc (0.11.0)
-    network_interface (0.0.4)
-    nexpose (7.3.0)
-    nio4r (2.7.4)
-    nokogiri (1.18.10)
-      mini_portile2 (~> 2.8.2)
-      racc (~> 1.4)
-    nori (2.7.1)
-      bigdecimal
-    octokit (10.0.0)
-      faraday (>= 1, < 3)
-      sawyer (~> 0.9)
-    openssl-ccm (1.2.3)
-    openssl-cmac (2.0.2)
-    openvas-omp (0.0.4)
-    ostruct (0.6.1)
-    packetfu (2.0.0)
-      pcaprub (~> 0.13.1)
-    parallel (1.27.0)
-    parser (3.3.9.0)
-      ast (~> 2.4.1)
-      racc
-    parslet (1.8.2)
-    patch_finder (1.0.2)
-    pcaprub (0.13.3)
-    pdf-reader (2.14.1)
-      Ascii85 (>= 1.0, < 3.0, != 2.0.0)
-      afm (~> 0.2.1)
-      hashery (~> 2.0)
-      ruby-rc4
-      ttfunk
-    pg (1.5.9)
-    pp (0.6.3)
-      prettyprint
-    prettyprint (0.2.0)
-    prism (1.5.1)
-    pry (0.15.2)
-      coderay (~> 1.1)
-      method_source (~> 1.0)
-    pry-byebug (3.11.0)
-      byebug (~> 12.0)
-      pry (>= 0.13, < 0.16)
-    psych (5.2.6)
-      date
-      stringio
-    public_suffix (6.0.2)
-    puma (6.6.0)
-      nio4r (~> 2.0)
-    racc (1.8.1)
-    rack (2.2.19)
-    rack-protection (3.2.0)
-      base64 (>= 0.1.0)
-      rack (~> 2.2, >= 2.2.4)
-    rack-session (1.0.2)
-      rack (< 3)
-    rack-test (2.2.0)
-      rack (>= 1.3)
-    rackup (1.0.1)
-      rack (< 3)
-      webrick
-    rails-dom-testing (2.3.0)
-      activesupport (>= 5.0.0)
-      minitest
-      nokogiri (>= 1.6)
-    rails-html-sanitizer (1.6.2)
-      loofah (~> 2.21)
-      nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0)
-    railties (7.2.2.2)
-      actionpack (= 7.2.2.2)
-      activesupport (= 7.2.2.2)
-      irb (~> 1.13)
-      rackup (>= 1.0.0)
-      rake (>= 12.2)
-      thor (~> 1.0, >= 1.2.2)
-      zeitwerk (~> 2.6)
-    rainbow (3.1.1)
-    rake (13.3.0)
-    rasn1 (0.14.0)
-      strptime (~> 0.2.5)
-    rb-readline (0.5.5)
-    rdoc (6.15.0)
-      erb
-      psych (>= 4.0.0)
-      tsort
-    recog (3.1.14)
-      nokogiri
-    redcarpet (3.6.1)
-    regexp_parser (2.11.3)
-    reline (0.6.2)
-      io-console (~> 0.5)
-    require_all (3.0.0)
-    rest-client (2.1.0)
-      http-accept (>= 1.7.0, < 2.0)
-      http-cookie (>= 1.0.2, < 2.0)
-      mime-types (>= 1.16, < 4.0)
-      netrc (~> 0.8)
-    rex-arch (0.1.20)
-      rex-text
-    rex-bin_tools (0.1.16)
-      metasm
-      rex-arch
-      rex-core
-      rex-struct2
-      rex-text
-    rex-core (0.1.36)
-    rex-encoder (0.1.10)
-      metasm
-      rex-arch
-      rex-text
-    rex-exploitation (0.1.44)
-      bigdecimal
-      jsobfu
-      metasm
-      racc
-      rex-arch
-      rex-encoder
-      rex-text
-      rexml
-    rex-java (0.1.8)
-    rex-mime (0.1.11)
-      rex-text
-    rex-nop (0.1.4)
-      rex-arch
-    rex-ole (0.1.9)
-      rex-text
-    rex-powershell (0.1.103)
-      bigdecimal
-      rex-random_identifier
-      rex-text
-      ruby-rc4
-    rex-random_identifier (0.1.21)
-      bigdecimal
-      rex-text
-    rex-registry (0.1.6)
-    rex-rop_builder (0.1.6)
-      metasm
-      rex-core
-      rex-text
-    rex-socket (0.1.65)
-      dnsruby
-      rex-core
-    rex-sslscan (0.1.13)
-      rex-core
-      rex-socket
-      rex-text
-    rex-struct2 (0.1.5)
-    rex-text (0.2.63)
-      bigdecimal
-    rex-zip (0.1.6)
-      rex-text
-    rexml (3.4.1)
-    rinda (0.2.0)
-      drb
-      forwardable
-      ipaddr
-    rkelly-remix (0.0.7)
-    rspec (3.13.1)
-      rspec-core (~> 3.13.0)
-      rspec-expectations (~> 3.13.0)
-      rspec-mocks (~> 3.13.0)
-    rspec-core (3.13.5)
-      rspec-support (~> 3.13.0)
-    rspec-expectations (3.13.5)
-      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.13.0)
-    rspec-mocks (3.13.5)
-      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.13.0)
-    rspec-rails (8.0.2)
-      actionpack (>= 7.2)
-      activesupport (>= 7.2)
-      railties (>= 7.2)
-      rspec-core (~> 3.13)
-      rspec-expectations (~> 3.13)
-      rspec-mocks (~> 3.13)
-      rspec-support (~> 3.13)
-    rspec-rerun (1.1.0)
-      rspec (~> 3.0)
-    rspec-support (3.13.6)
-    rubocop (1.75.7)
-      json (~> 2.3)
-      language_server-protocol (~> 3.17.0.2)
-      lint_roller (~> 1.1.0)
-      parallel (~> 1.10)
-      parser (>= 3.3.0.2)
-      rainbow (>= 2.2.2, < 4.0)
-      regexp_parser (>= 2.9.3, < 3.0)
-      rubocop-ast (>= 1.44.0, < 2.0)
-      ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 2.4.0, < 4.0)
-    rubocop-ast (1.47.1)
-      parser (>= 3.3.7.2)
-      prism (~> 1.4)
-    ruby-macho (4.1.0)
-    ruby-mysql (4.2.0)
-    ruby-prof (1.7.2)
-      base64
-    ruby-progressbar (1.13.0)
-    ruby-rc4 (0.1.5)
-    ruby2_keywords (0.0.5)
-    ruby_smb (3.3.17)
-      bindata (= 2.4.15)
-      openssl-ccm
-      openssl-cmac
-      rubyntlm (>= 0.6.5)
-      windows_error (>= 0.1.4)
-    rubyntlm (0.6.5)
-      base64
-    rubyzip (2.4.1)
-    sawyer (0.9.2)
-      addressable (>= 2.3.5)
-      faraday (>= 0.17.3, < 3)
-    securerandom (0.4.1)
-    simplecov (0.18.2)
-      docile (~> 1.1)
-      simplecov-html (~> 0.11)
-    simplecov-html (0.13.1)
-    simpleidn (0.2.3)
-    sinatra (3.2.0)
-      mustermann (~> 3.0)
-      rack (~> 2.2, >= 2.2.4)
-      rack-protection (= 3.2.0)
-      tilt (~> 2.0)
-    sqlite3 (1.7.3)
-      mini_portile2 (~> 2.8.0)
-    sshkey (3.0.0)
-    stringio (3.1.1)
-    strptime (0.2.5)
-    swagger-blocks (3.0.0)
-    syslog (0.3.0)
-      logger
-    test-prof (1.4.4)
-    thin (1.8.2)
-      daemons (~> 1.0, >= 1.0.9)
-      eventmachine (~> 1.0, >= 1.0.4)
-      rack (>= 1, < 3)
-    thor (1.4.0)
-    tilt (2.6.0)
-    timecop (0.9.10)
-    timeout (0.4.3)
-    toml (0.2.0)
-      parslet (~> 1.8.0)
-    tsort (0.2.0)
-    ttfunk (1.8.0)
-      bigdecimal (~> 3.1)
-    tzinfo (2.0.6)
-      concurrent-ruby (~> 1.0)
-    tzinfo-data (1.2025.1)
-      tzinfo (>= 1.0.0)
-    unicode-display_width (3.2.0)
-      unicode-emoji (~> 4.1)
-    unicode-emoji (4.1.0)
-    unix-crypt (1.3.1)
-    useragent (0.16.11)
-    warden (1.2.9)
-      rack (>= 2.0.9)
-    webmock (3.26.2)
-      addressable (>= 2.8.0)
-      crack (>= 0.3.2)
-      hashdiff (>= 0.4.0, < 2.0.0)
-    webrick (1.9.1)
-    websocket-driver (0.7.7)
-      base64
-      websocket-extensions (>= 0.1.0)
-    websocket-extensions (0.1.5)
-    win32api (0.1.0)
-    windows_error (0.1.5)
-    winrm (2.3.9)
-      builder (>= 2.1.2)
-      erubi (~> 1.8)
-      gssapi (~> 1.2)
-      gyoku (~> 1.0)
-      httpclient (~> 2.2, >= 2.2.0.2)
-      logging (>= 1.6.1, < 3.0)
-      nori (~> 2.0, >= 2.7.1)
-      rexml (~> 3.0)
-      rubyntlm (~> 0.6.0, >= 0.6.3)
-    with_env (1.1.0)
-    xdr (3.0.3)
-      activemodel (>= 4.2, < 8.0)
-      activesupport (>= 4.2, < 8.0)
-    xml-simple (1.1.9)
-      rexml
-    xmlrpc (0.3.3)
-      webrick
-    yard (0.9.37)
-    zeitwerk (2.7.3)
+    activemodel (3.2.9)
+      activesupport (= 3.2.9)
+      builder (~> 3.0.0)
+    activerecord (3.2.9)
+      activemodel (= 3.2.9)
+      activesupport (= 3.2.9)
+      arel (~> 3.0.2)
+      tzinfo (~> 0.3.29)
+    activesupport (3.2.9)
+      i18n (~> 0.6)
+      multi_json (~> 1.0)
+    arel (3.0.2)
+    builder (3.0.4)
+    coderay (1.0.8)
+    diff-lcs (1.1.3)
+    i18n (0.6.1)
+    method_source (0.8.1)
+    multi_json (1.0.4)
+    pg (0.14.1)
+    pry (0.9.10)
+      coderay (~> 1.0.5)
+      method_source (~> 0.8)
+      slop (~> 3.3.1)
+    rake (10.0.2)
+    redcarpet (2.2.2)
+    rspec (2.12.0)
+      rspec-core (~> 2.12.0)
+      rspec-expectations (~> 2.12.0)
+      rspec-mocks (~> 2.12.0)
+    rspec-core (2.12.1)
+    rspec-expectations (2.12.0)
+      diff-lcs (~> 1.1.3)
+    rspec-mocks (2.12.0)
+    simplecov (0.5.4)
+      multi_json (~> 1.0.3)
+      simplecov-html (~> 0.5.3)
+    simplecov-html (0.5.3)
+    slop (3.3.3)
+    tzinfo (0.3.35)
+    yard (0.8.3)

 PLATFORMS
  ruby

 DEPENDENCIES
-  allure-rspec
-  debug (>= 1.0.0)
-  factory_bot_rails
-  fivemat
-  license_finder (= 5.11.1)
-  memory_profiler
-  metasploit-framework!
-  octokit
-  pry-byebug
+  activerecord
+  activesupport (>= 3.0.0)
+  metasploit_data_models!
+  pg (>= 0.11)
  rake
  redcarpet
-  rspec-rails
-  rspec-rerun
-  rubocop (= 1.75.7)
-  ruby-prof
-  simplecov (= 0.18.2)
-  test-prof
-  timecop
-  webmock (~> 3.18)
+  rspec (>= 2.12)
+  simplecov (= 0.5.4)
  yard
-
-BUNDLED WITH
-   2.5.22
@@ -0,0 +1,143 @@
+# $Id$
+
+This file contains some brief instructions on contributing to the
+Metasploit Framework.
+
+Code Style
+==========
+
+In order to maintain consistency and readability, we ask that you
+adhere to the following style guidelines:
+
+ - Hard tabs, not spaces
+ - Try to keep your lines under 100 columns (assuming four-space tabs)
+ - do; end instead of {} for a block
+ - Always use str[0,1] instead of str[0]
+   (This avoids a known ruby 1.8/1.9 incompatibility.)
+ - Method names should always be lower_case and words separated by "_"
+ - Variable names should be lower case with words separated by "_"
+ - Don't depend on any external gems or libraries without talking to
+   todb to resolve packaging and licensing issues 
+
+You can use the the "./tools/msftidy.rb" script to do some rudimentary
+checking for various violations.
+
+
+Code No-Nos
+===========
+
+1. Don't print to standard output. Doing so means that users of
+interfaces other than msfconsole, such as msfrpc and msfgui, won't see
+your output.  You can use print_line to accomplish the same thing as
+puts. 
+
+2. Don't read from standard input, doing so will make your code 
+lock up the entire module when called from other interfaces. If you 
+need user input, you can either register an option or expose an 
+interactive session type specific for the type of exploit.
+
+3. Don't use "sleep". It has been known to cause issues with
+multi-threaded programs on various platforms. Instead, we use
+"select(nil, nil, nil, <time>)" throughout the framework. We have
+found this works around the underlying issue.
+
+4. Always use Rex sockets, not ruby sockets.  This includes
+third-party libraries such as Net::Http.  There are several very good
+reasons for this rule.  First, the framework doesn't get notified on
+the creation of ruby sockets and won't know how to clean them up in
+case your module raises an exception without cleaning up after itself.
+Secondly, non-Rex sockets do not know about routes and therefore can't
+be used through a meterpreter tunnel.  Lastly, regular sockets miss
+out on msf's proxy and SSL features.  Msf includes many protocols
+already implemented with Rex and if the protocol you need is missing,
+porting another library to use them is straight-forward.  See our
+Net::SSH modifications in lib/net/ssh/ for an example.
+
+5. When opening an IO stream, always force binary with "b" mode (or
+using IO#binmode). This not only helps keep Windows and non-Windows
+runtime environments consistent with each other, but also guarantees
+that files will be treated as ASCII-8BIT instead of UTF-8.
+
+6. Don't use String#[] for a single character.  This returns a Fixnum in
+ruby 1.8 and a String in 1.9, so it's safer to use the following idiom:
+	str[idx,1]
+which always returns a String.  If you need the ASCII byte, unpack it like
+so: 
+	str[idx,1].unpack("C")[0]
+
+7. Whenever possible, avoid using '+' or '+=' to concatenate strings.
+The '<<' operator is significantly faster. The difference will become
+even more apparent when doing string manipulation in a loop. The
+following table approximates the underlying implementation:
+	Ruby 		Pseudo-C
+	----------- 	----------------
+	a = b + c 	a = malloc(b.len+c.len+1);
+			strcpy(a, b);
+			memcpy(a+b.len, c, c.len);
+			a[b.len + c.len] = '\0';
+	a = b 		a = b;
+	a << c 		a = realloc(a, a.len+c.len+1);
+			memcpy(a+a.len, c, c.len);
+			a[a.len + c.len] = '\0';
+Note that the original value of 'b' is lost in the second case. Care
+must be taken to duplicate strings that you do not want to modify.
+
+8. For other Ruby 1.8.x/1.9.x compat issues, please see Sam Ruby's
+excellent slide show at <http://slideshow.rubyforge.org/ruby19.html>
+for an overview of common and not-so-common Ruby version related gotchas.
+
+9. Never, ever use $global variables. This applies to modules, mixins,
+and libraries. If you need a "global" within a specific class, you can
+use @@class_variables, but most modules should use @instance variables
+to store information between methods. 
+
+10. Do not define CONSTANTS within individual modules. This can lead to
+warning messages when the module is reloaded. Try to keep constants
+inside libraries and mixins instead.
+
+
+Creating New Modules
+====================
+
+When creating a new module, the simplest way to start is to copy
+another module that uses the same protocol and modify it to your
+needs.  If you're creating an exploit module, generally you'll want
+to edit the exploit() method.  Auxiliary Scanner modules use one of
+run_host(), run_range(), or run_batch() instead of exploit().
+Non-scanner aux modules use run().
+
+
+Submitting Your Code
+====================
+
+The process for submitting new modules via GitHub is documented here:
+
+https://github.com/rapid7/metasploit-framework/wiki/Metasploit-Development-Environment
+
+This describes the process of forking, editing, and generating a
+pull request, and is the preferred method for bringing new modules
+and framework enhancements to the attention of the core Metasploit
+development team. Note that this process requires a GitHub account.
+
+For Git commits, please adhere to 50/72 formatting: your commits should
+start with a line 50 characters or less, followed by a blank line,
+followed by one or more lines of explanatory text wrapped at at 72
+characters Pull requests with commits not formatted this way will
+be rejected without review.
+
+For modules, note that Author field is not automatic, and should be 
+filled in in the format of 'Your Name <user[at]domain.tld>' so future 
+developers can contact you with any questions.
+
+Licensing
+=========
+By submitting code contributions to the Metasploit Project it is
+assumed that you are offering your code under the Metasploit License
+or similar 3-clause BSD-compatible license.  MIT and Ruby Licenses 
+are also fine.  We specifically cannot include GPL code. LGPL code
+is accepted on a case by case basis for libraries only and is never 
+accepted for modules.
+
+When possible, such as aux and exploit modules, be sure to include
+your license designation in the file in the appropriate place.
+
@@ -1,146 +1,157 @@
-Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
-Source: https://www.metasploit.com/
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Source: http://www.metasploit.com/

 Files: *
-Copyright: 2006-2026, Rapid7, Inc.
+Copyright: 2006-2013, Rapid7 Inc.
 License: BSD-3-clause

 # The Metasploit Framework is provided under the 3-clause BSD license provided
 # at the end of this file.
 #
-# The copyright on this package is held by Rapid7, Inc.
+# The copyright on this package is held by Rapid7 LLC.
 #
 # This license does not apply to third-party components detailed below.
 #
-# Last updated: 2013-Nov-04
-#

-Files: data/exploits/mysql/lib_mysqludf_sys_*.so
-Copyright: 2007  Roland Bouman
-           2008-2010  Roland Bouman and Bernardo Damele A. G.
+Files: data/john/*
+Copyright: 1996-2011 Solar Designer.
+License: GPL-2
+
+Files: external/pcaprub/*
+Copyright: 2007-2008, Alastair Houghton
 License: LGPL-2.1
-Purpose: These files are used in exploits/multi/mysql/mysql_udf_payload.rb

-Files: data/exploits/cve-2023-34634/test.png
-Copyright: 2023 Brendan Watters
-License: MIT
-Purpose: These image is used as the default file to embed the exploit command.
-
-Files: data/headers/windows/c_payload_util/beacon.h
-Copyright: 2022, Copyright Help/Systems LLC and its group of companies.
-License: Apache 2.0
-
-Files: data/jtr/*
-Copyright: Copyright 1996-2013 by Solar Designer
-License: GNU GPL 2.0
-
-Files: data/post/SharpHound.exe
-       data/post/powershell/SharpHound.ps1
-Copyright (C) 2016-2022 Specter Ops Inc.
-License: GNU GPL 3.0
-Purpose: These files are uploaded and executed by
-         post/windows/gather/bloodhound.
-
-Files: data/templates/to_mem_pshreflection.ps1.template
-Copyright: 2012, Matthew Graeber
+Files: external/ruby-kissfft/*
+Copyright: 2003-2010 Mark Borgerding
+           2009-2012 H D Moore <hdm[at]rapid7.com>
 License: BSD-3-clause

-Files: data/webcam/api.js
-Copyright: Copyright 2013 Muaz Khan<@muazkh>.
-License: MIT
+Files: external/ruby-lorcon/*
+Copyright: 2005, dragorn and Joshua Wright
+License: LGPL-2.1

-Files: data/wordlists/flask_secret_keys.txt
-Source: https://github.com/Paradoxis/Flask-Unsign-Wordlist/blob/v2023.34/flask_unsign_wordlist/wordlists/github.txt
-Copyright: Copyright (c) 2023 Luke Paris (Paradoxis)
-License: MIT
+Files: external/source/armitage/* data/armitage/*
+Copyright: 2010-2012 Raphael Mudge
+License: BSD-3-clause

 Files: external/source/byakugan/*
 Copyright: Lurene Grenier, 2009
 License: BSD-3-clause

-Files: external/source/evasion/windows/process_herpaderping/ProcessHerpaderping/*
-Copyright: 2020 Johnny Shaw
-License: MIT
-
-Files: external/source/exploits/CVE-2018-8120/*
-Copyright: 2018
-License: GNU GPL 3
-Purpose: This supports exploits/windows/local/ms18_8120_win32k_privesc module
-
-Files: external/source/exploits/CVE-2022-1043/cve-2022-1043.c
-Copyright: 2022 Open Source Security, Inc.
-License: GNU GPL 2.0
-Purpose: This source file is necessary for users to create a stand-alone executable
-         to exploit CVE-2022-1043, a local privilege escalation vulnerability in
-         Linux kernels 5.12-rc3 - 5.14-rc7.
-
-Files: external/source/exploits/CVE-2022-22942/cve-2022-22942-dc.c
-Copyright: 2022 Open Source Security, Inc.
-License: GNU GPL 2.0
-Purpose: This source file is necessary for users to create a stand-alone executable
-         to exploit CVE-2022-22942, a local privilege escalation vulnerability in
-         Linux kernels 4.14-rc1 - 5.17-rc1.
-
-Files: exteneral/source/exploits/CVE-2022-26904/*
-Copyright: 2022 Abdelhamid Naceri
-License: MIT
-
-Files: external/source/exploits/CVE-2023-36874/*
-Copyright: 2023 Octoberfest7
-License: MIT
-Purpose: Library and error report file are required for calculating offsets to the correct
-         function calls to implement the exploit.  The heavily modified C main is necessary
-         to create and trigger the exploit.
-
-Files: external/source/exploits/drunkpotato/Common_Src_Files/spnegotokenhandler/*
-Copyright: 2011 Jon Bringhurst
-License: GNU GPL 2.0
-
-Files: external/source/exploits/IE11SandboxEscapes/*
-Copyright: James Forshaw, 2014
-License: GPLv3
-Purpose: This set of source code supports the following modules
-         exploits/windows/local/ms13_097_ie_registry_symlink.rb
-         exploits/windows/local/ms14_009_ie_dfsvc.rb
+Files: external/source/gui/msfguijava/* data/gui/*
+Copyright: 2010 scriptjunkie
+License: BSD-3-clause

 Files: external/source/ipwn/*
 Copyright: 2004-2005 vlad902 <vlad902 [at] gmail.com>
           2007 H D Moore <hdm [at] metasploit.com>
 License: GPL-2 and Artistic
-Purpose: These files are used in payloads/stages/osx/armle/execute
+
+Files: external/source/meterpreter/ReflectiveDLLInjection/*
+Copyright: 2009, Stephen Fewer of Harmony Security (www.harmonysecurity.com)
+License: BSD-3-clause
+
+Files: external/source/meterpreter/source/common/queue.h
+Copyright: 1991, 1993 The Regents of the University of California
+License: BSD-3-clause
+
+Files: external/source/meterpreter/source/common/zlib/* external/source/meterpreter/source/server/zlib/*
+Copyright: 1995-1996 Jean-loup Gailly and Mark Adler
+License: Zlib
+
+Files: external/source/meterpreter/source/bionic/libc/*
+Copyright: 2005-2008, The Android Open Source Project
+           2004 by Internet Systems Consortium, Inc. ("ISC")
+           1995,1996,1999 by Internet Software Consortium
+           1995 by International Business Machines, Inc.
+           1997,1998,1999,2004 The NetBSD Foundation, Inc.
+           1993 Christopher G. Demetriou
+           1983,1985,1989,1993 The Regents of the University of California
+           2000 Ben Harris
+           1995,1996,1997,1998 WIDE Project
+           2003 Networks Associates Technology, Inc.
+           1993 by Digital Equipment Corporation
+           1997 Mark Brinicombe
+           1993 Martin Birgmeier
+           1993 by Sun Microsystems, Inc.
+           1997, 2005 Todd C. Miller <Todd.Miller@courtesan.com>
+           1995, 1996 Carnegie-Mellon University
+           2003 Networks Associates Technology, Inc.
+License: BSD-3-clause and BSD-4-clause
+
+Files: external/source/meterpreter/source/bionic/libdl/*
+Copyright: 2007 The Android Open Source Project
+License: BSD-3-clause
+
+Files: external/source/meterpreter/source/bionic/libm/*
+Copyright: 2003, Steven G. Kargl
+           2003 Mike Barcroft <mike@FreeBSD.org>
+           2002-2005 David Schultz <das@FreeBSD.ORG>
+           2004 Stefan Farfeleder
+           2003 Dag-Erling Coïdan Smørgrav
+           1996 The NetBSD Foundation, Inc.
+           1985,1988,1991,1992,1993 The Regents of the University of California
+           1993,94 Winning Strategies, Inc.
+           1993, 2004 by Sun Microsystems, Inc.
+License: BSD-2-clause and BSD-3-clause and BSD-4-clause
+
+Files: external/source/meterpreter/source/extensions/espia/screen.c
+Copyright: 1994-2008, Mark Hammond
+License: BSD-2-clause
+
+Files: external/source/meterpreter/source/extensions/priv/server/timestomp.c
+Copyright: 2005 Vincent Liu
+License: GPL-2
+
+Files: external/source/meterpreter/source/extensions/stdapi/server/webcam/bmp2jpeg.c external/source/meterpreter/source/screenshot/bmp2jpeg.c
+Copyright: 1994-2008, Mark Hammond
+License: BSD-2-clause
+
+Files: external/source/meterpreter/source/extensions/stdapi/server/railgun/railgun.c
+Copyright: 2010, patrickHVE@googlemail.com
+License: BSD-2-clause
+
+Files: external/source/meterpreter/source/pssdk/*
+Copyright: microOLAP
+License: N/A
+Comment: HD Moore holds a single-seat developer license for the Packet Sniffer
+         SDK library embedded into the Meterpreter Sniffer extension.  This
+         source code is not distributed with Metasploit Framework.
+
+Files: external/source/meterpreter/source/openssl/*
+Copyright: 1998-2002 The OpenSSL Project
+License: OpenSSL and SSLeay
+
+Files: external/source/meterpreter/source/server/posix/sfsyscall.h
+Copyright: 2003  Philippe Biondi <biondi@cartel-securite.fr>
+License: LGPL
+
+Files: external/source/meterpreter/source/jpeg-8/*
+Copyright: 1991-2010, Thomas G. Lane, Guido Vollbeding
+License: BSD-3-clause
+
+Files: external/source/meterpreter/source/libpcap/*
+Copyright: 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997 The Regents of the University of California.
+License: BSD-4-clause

 Files: external/source/metsvc/*
 Copyright: 2007, Determina Inc.
 License: BSD-3-clause

-Files: external/source/osx/isight/*
-Copyright: 2009
-License: GPL
-Purpose: Used in modules/payloads/stages/osx/x86/isight to capture images.
-
-Files: external/source/pxesploit/regeditor/ntreg.h
-       external/source/pxesploit/regeditor/ntreg.c
-Copyright: 1997-2010, Petter Nordahl-Hagen
-License: LGPL
-Purpose: Unknown. These files are used to create a linux binary called regeditor
-         which allows a linux OS to edit a Windows registry. It is used in
-         pxesploit modules.
-
-Files: external/source/ReflectiveDLLInjection/*
-Copyright: 2011, Stephen Fewer of Harmony Security (www.harmonysecurity.com)
-License: BSD-3-clause
-
-Files: external/source/shellcode/windows/build.sh
-Copyright: 2009
-License: GPL / Perl Artistic
-Purpose: A perl script to build some of the x86 Windows payloads.
+Files: external/source/tightvnc/*
+Copyright: 1999 AT&T Laboratories Cambridge.
+           2000 Tridia Corp.
+           2002-2003 RealVNC Ltd.
+           2001-2004 HorizonLive.com, Inc.
+           2000-2007 Constantin Kaplinsky
+           2000-2009 TightVNC Group
+License: GPL-2

 Files: external/source/unixasm/*
 Copyright: 2004-2008 Ramon de Carvalho Valle <ramon@risesecurity.org>
 License: BSD-4-clause

 Files: external/source/vncdll/winvnc/*
-       external/source/tightvnc/*
 Copyright: 1999 AT&T Laboratories Cambridge.
           2000 Tridia Corp.
           2002-2003 RealVNC Ltd.
@@ -148,140 +159,307 @@ Copyright: 1999 AT&T Laboratories Cambridge.
           2000-2006 Constantin Kaplinsky.
           2000-2009 TightVNC Group
 License: GPL-2
-Purpose: The built result is used in:
-           payloads/stages/windows/vncinject.rb
-           payloads/stages/windows/x64/vncinject.rb

-Files: external/source/exploits/CVE-2022-46689/vm_unaligned_copy_switch_race.c
-Copyright: 1999-2007 Apple Inc.
-License: Apple
-Purpose: This source file is necessary for users to create a stand-alone executable
-         to exploit CVE-2022-46689, a local privilege escalation vulnerability in
-         MacOSX versions (macOS dirty cow)
-
-Files: lib/anemone.rb
-       lib/anemone/*
+Files: lib/anemone.rb lib/anemone/*
 Copyright: 2009 Vertive, Inc.
 License: MIT

-Files: lib/expect.rb
-Copyright: 2017 Yukihiro Matsumoto
+Files: lib/bit-struct.rb lib/bit-struct/*
+Copyright: 2005-2009, Joel VanderWerf
 License: Ruby

-Files: lib/msf/core/modules/external/python/async_timeout/*
-Copyright: 2016-2023 Andrew Svetlov
-License: Apache 2.0
+Files: lib/fastlib.rb
+Copyright: 2011, Rapid7 Inc.
+License: Ruby

-Files: lib/msf/core/web_services/public/*
-       lib/msf/core/web_services/views/api_docs.erb
-Copyright: Copyright 2018 SmartBear Software
-License: Apache 2.0
+Files: lib/gemcache/ruby/1.9.1/arch/*/eventmachine-*/*
+Copyright: 2006-2007, Francis Cianfrocca
+License: Ruby

-Files: lib/net/dns.rb
-       lib/net/dns/*
+Files: lib/gemcache/ruby/1.9.1/arch/*/json-*/*
+Copyright: Daniel Luz <dev at mernen dot com>
+License: Ruby
+
+Files: lib/gemcache/ruby/1.9.1/arch/*/msgpack-*/*
+Copyright: Austin Ziegler
+License: Ruby
+
+Files: lib/gemcache/ruby/1.9.1/arch/*/nokogiri-*/*
+Copyright: 2008 - 2012 Aaron Patterson, Mike Dalessio, Charles Nutter, Sergio Arbeo, Patrick Mahoney, Yoko Harada
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/arch/*/pg-*/*
+Copyright: 1997-2012 by the authors
+License: Ruby
+
+Files: lib/gemcache/ruby/1.9.1/arch/*/thin-*/*
+Copyright: Marc-Andre Cournoyer
+License: Ruby
+
+Files: lib/gemcache/ruby/1.9.1/arch/*/win32-api-*/*
+Copyright: 2003-2011, Daniel J. Berger
+License: Artistic
+
+Files: lib/gemcache/ruby/1.9.1/arch/*/win32-service-*/*
+Copyright: 2003-2011, Daniel J. Berger
+License: Artistic
+
+Files: lib/gemcache/ruby/1.9.1/arch/*/windows-api-*/*
+Copyright: 2007-2012, Daniel J. Berger
+License: Artistic
+
+Files: lib/gemcache/ruby/1.9.1/arch/*/windows-pr-*/*
+Copyright: 2006-2010, Daniel J. Berger
+License: Artistic
+
+Files: lib/gemcache/ruby/1.9.1/gems/coderay-*/*
+Copyright: 2006-2011, murphy (Kornelius Kalnback) <murphy rubychan de>
+License: LGPL-2.1
+
+Files: lib/gemcache/ruby/1.9.1/gems/actionmailer-*/*
+Copyright: 2004-2011 David Heinemeier Hansson
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/actionpack-*/*
+Copyright: 2004-2011 David Heinemeier Hansson
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/activemodel-*/*
+Copyright: 2004-2011 David Heinemeier Hansson
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/activerecord-*/*
+Copyright: 2004-2011 David Heinemeier Hansson
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/activeresource-*/*
+Copyright: 2006-2011 David Heinemeier Hansson
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/activesupport-*/*
+Copyright: 2005-2011 David Heinemeier Hansson
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/acts_as_list-*/*
+Copyright: 2007 David Heinemeir Hansson
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/arel-*/*
+Copyright: 2007-2010 Nick Kallen, Bryan Helmkamp, Emilio Tagua, Aaron Patterson
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/authlogic-*/*
+Copyright: 2011 Ben Johnson of Binary Logic
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/builder-*/*
+Copyright: 2003-2012 Jim Weirich (jim.weirich@gmail.com)
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/carrierwave-*/*
+Copyright: 2008-2012 Jonas Nicklas
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/chunky_png-*/*
+Copyright: 2010 Willem van Bergen
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/coderay-*/*
+Copyright: Rob Aldred
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/daemons-*/*
+Copyright: 2005-2012 Thomas Uehlinger
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/diff-lcs-*/*
+Copyright: 2004-2011 Austin Ziegler
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/erubis-*/*
+Copyright: 2006-2011 kuwata-lab.com all rights reserved
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/formtastic-*/*
+Copyright: 2008-2010
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/fssm-*/*
+Copyright: 2011 Travis Tilley
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/hike-*/*
+Copyright: 2011 Sam Stephenson
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/i18n-*/*
+Copyright: 2008 The Ruby I18n team
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/ice_cube-*/*
+Copyright: 2010-2012 John Crepezzi
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/journey-*/*
+Copyright: 2011 Aaron Patternson
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/jquery-rails-*/*
+Copyright: 2010 Andre Arko
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/liquid-*/*
+Copyright: 2005, 2006 Tobias Luetke
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/mail-*/*
+Copyright: 2009, 2010, 2011, 2012 Mikel Lindsaar
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/metasploit_data_modules-*/*
+Copyright: 2012 Rapid7, Inc.
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/method_source-*/*
+Copyright: 2011 John Mair (banisterfiend)
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/multi_json-*/*
+Copyright: 2010 Michael Bleigh, Josh Kalderimis, Erik Michaels-Ober, and Intridea, Inc.
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/polyglot-*/*
+Copyright: 2007 Clifford Heath
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/prototype_legacy_helper-*/*
+Copyright: No copyright statement provided (unmaintained per https://github.com/rails/prototype_legacy_helper)
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/rack-*/*
+Copyright: 2007-2010 Christian Neukirchen <purl.org/net/chneukirchen>
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/rack-cache-*/*
+Copyright: 2008 Ryan Tomayko <http://tomayko.com/about>
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/rack-ssl-*/*
+Copyright: 2010 Joshua Peek
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/rack-test-*/*
+Copyright: 2008-2009 Bryan Helmkamp, Engine Yard Inc.
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/railties-*/*
+Copyright: No copyright statement provided
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/rake-*/*
+Copyright: 2003, 2004 Jim Weirich
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/robots-*/*
+Copyright: 2008 Kyle Maxwell, contributors
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/slop-*/*
+Copyright: 2012 Lee Jarvis
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/spork-*/*
+Copyright: 2009 Tim Harper
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/sprockets-*/*
+Copyright: 2011 Sam Stephenson, Joshua Peek
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/state_machine-*/*
+Copyright: 2006-2012 Aaron Pfeifer
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/thor-*/*
+Copyright: 2008 Yehuda Katz
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/tilt-*/*
+Copyright: 2010 Ryan Tomayko <http://tomayko.com/about>
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/treetop-*/*
+Copyright: 2007 Nathan Sobo
+License: MIT
+
+Files: lib/gemcache/ruby/1.9.1/gems/tzinfo-*/*
+Copyright: 2005-2006 Philip Ross
+License: MIT
+
+Files: lib/metasm.rb lib/metasm/* data/cpuinfo/*
+Copyright: 2006-2010 Yoann GUILLOT
+License: LGPL-2.1
+
+Files: lib/nessus/*
+Copyright: Vlatoko Kosturjak
+License: BSD-3-clause
+
+Files: lib/net/dns.rb lib/net/dns/*
 Copyright: 2006 Marco Ceresa
 License: Ruby

-Files: lib/postgres_msf.rb
-       lib/postgres/postgres-pr/message.rb
-       lib/postgres/postgres-pr/connection.rb
+Files: lib/net/ssh.rb lib/net/ssh/*
+Copyright: 2008 Jamis Buck <jamis@37signals.com>
+License: MIT
+
+Files: lib/packetfu.rb lib/packetfu/*
+Copyright: 2008-2012 Tod Beardsley
+License: BSD-3-clause
+
+Files: lib/postgres_msf.rb lib/postgres/postgres-pr/message.rb lib/postgres/postgres-pr/connection.rb
 Copyright: 2005 Michael Neumann
 License: BSD-3-clause or Ruby

+Files: lib/openvas/*
+Copyright: No copyright statement provided
+License: MIT
+
 Files: lib/rabal/*
 Copyright: Jeremy Hinegadner <jeremy at hinegardner dot org>
 License: Ruby

-Files: lib/rbmysql.rb
-       lib/rbmysql/*
+Files: lib/rbmysql.rb lib/rbmysql/*
 Copyright: 2009 tommy
 License: Ruby

-Files: lib/snmp.rb
-       lib/snmp/*
+Files: lib/rbreadline.rb
+Copyright: 2009 Park Heesob
+License: BSD-3-clause
+
+Files: lib/rkelly/*
+Copyright: 2007, 2008, 2009 Aaron Patternson, John Barnette
+License: MIT
+
+Files: lib/snmp.rb lib/snmp/*
 Copyright: 2004, David R. Halliday
 License: Ruby

+Files: lib/sshkey.rb lib/sshkey/*
+Copyright: 2011 James Miller
+License: MIT
+
 Files: lib/windows_console_color_support.rb
-Copyright: 2011 Michael 'mihi' Schierl
+Copyright: 2011 Michael 'migi' Schierl
 License: BSD-3-clause

-Files: lib/zip.rb
-       lib/zip/*
+Files: lib/zip.rb lib/zip/*
 Copyright: 2002-2004, Thomas Sandergaard
 License: Ruby

-Files: modules/auxiliary/dos/cisco/cisco_7937g_dos.py
-Copyright: 2020, Cody Martin
-License: GPL
-Purpose: This module allows an attacker to render a Cisco 7937G unresponsive
-         until it is manually power cycled.
-
-Files: modules/auxiliary/dos/cisco/cisco_7937g_dos_reboot.py
-Copyright: 2020, Cody Martin
-License: GPL
-Purpose: This module allows an attacker to render a Cisco 7937G unresponsive
-         until it automatically power cycles.
-
-Files: modules/auxiliary/admin/http/cisco_7937g_ssh_privesc.py
-Copyright: 2020, Cody Martin
-License: GPL
-Purpose: This module allows an unauthenticated user to change the credentials
-         for SSH access on a Cisco 7937G device.
-
-Files: modules/auxiliary/gather/office365userenum.py
-Copyright: 2015  Oliver Morton
-License: GPL
-Purpose: Enumerates valid usernames from Office 365 using ActiveSync.
-
-Files: modules/exploits/linux/local/bpf_priv_esc.rb
-       data/exploits/CVE-2016-4557/hello
-Copyright: 2001-2007
-License: GPL
-Purpose: This module contains the source code for FUSE, which this module
-         uploads and compiles or uploads a precompiled binary (hello).
-
-Files: modules/exploits/linux/local/ntfs3g_priv_esc.rb
-Copyright: 2017
-License: GPLv2
-Purpose: The Ruby file contains the text of several modules from exploit-db
-         which it compiles and uploads to the target to elevate privileges.
-
-Files: modules/exploits/unix/fileformat/metasploit_libnotify_cmd_injection.rb
-Copyright: 2020
-License: GPL
-Purpose: This module targets a vulnerability in Metasploit Framework versions
-         prior to 5.0.86.
-
-Files: modules/exploits/windows/smb/ms04_007_killbill.rb
-Copyright: 2004, Solar Eclipse
-License: GPL
-Purpose: The module exploits the Windows ASN.1 vulnerability in Windows 2000
-         SP2-SP4 and Windows XP SP0-SP1. It contains code ported from a GPLv2
-         module.
-
 Files: modules/payloads/singles/windows/speak_pwned.rb
 Copyright: 2009-2010 Berend-Jan "SkyLined" Wever <berendjanwever@gmail.com>
 License: BSD-3-clause

-Files: modules/payloads/singles/windows/x64/messagebox.rb
-Copyright: 2018, jaguinaga
-License: GPL
-Purpose: This module allows us to create an x64 Windows messagebox payload.
-
-Files: modules/post/linux/dos/xen_420_dos.rb
-Copyright: 2016
-License: GPL
-Purpose: This module crashes the Xen 4.2.0 hypervisor when run in a
-         paravirtualized VM. It contains a short code section licensed through
-         GPL.
-
-Files: tools/exploit/metasm_shell.rb
-Copyright: 2007, Yoann GUILLOT
-License: LGPL
-Purpose: Allows users to invoke an interactive metasm shell to get opcodes from
-assembly instructions.
-
 License: BSD-2-clause
 Redistribution and use in source and binary forms, with or without modification,
 are permitted provided that the following conditions are met:
@@ -315,7 +493,7 @@ License: BSD-3-clause
     this list of conditions and the following disclaimer in the documentation
     and/or other materials provided with the distribution.
 .
-     * Neither the name of Rapid7, Inc. nor the names of its contributors
+     * Neither the name of Rapid7 LLC nor the names of its contributors
     may be used to endorse or promote products derived from this software
     without specific prior written permission.
 .
@@ -770,54 +948,6 @@ License: Artistic
 DAMAGES ARISING IN ANY WAY OUT OF THE USE OF THE PACKAGE, EVEN IF
 ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

-License: Apache
- Version 1.1, 2000
- Modifications by CORE Security Technologies
- .
- Copyright (c) 2000 The Apache Software Foundation.  All rights
- reserved.
- .
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions
- are met:
- .
- 1. Redistributions of source code must retain the above copyright
-    notice, this list of conditions and the following disclaimer.
- .
- 2. Redistributions in binary form must reproduce the above copyright
-    notice, this list of conditions and the following disclaimer in
-    the documentation and/or other materials provided with the
-    distribution.
- .
- 3. The end-user documentation included with the redistribution,
-    if any, must include the following acknowledgment:
-       "This product includes software developed by
-        CORE Security Technologies (http://www.coresecurity.com/)."
-    Alternately, this acknowledgment may appear in the software itself,
-    if and wherever such third-party acknowledgments normally appear.
- .
- 4. The names "Impacket" and "CORE Security Technologies" must
-    not be used to endorse or promote products derived from this
-    software without prior written permission. For written
-    permission, please contact oss@coresecurity.com.
- .
- 5. Products derived from this software may not be called "Impacket",
-    nor may "Impacket" appear in their name, without prior written
-    permission of CORE Security Technologies.
- .
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
- WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- DISCLAIMED.  IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
- ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
- USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
- ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- SUCH DAMAGE.
-
 License: Apache
 Version 2.0, January 2004
 http://www.apache.org/licenses/
@@ -1036,372 +1166,3 @@ License: Zlib
 2. Altered source versions must be plainly marked as such, and must not be
    misrepresented as being the original software.
 3. This notice may not be removed or altered from any source distribution.
-
-License: Apple
-APPLE PUBLIC SOURCE LICENSE
-Version 2.0 - August 6, 2003
-
-Please read this License carefully before downloading this software.
-By downloading or using this software, you are agreeing to be bound by
-the terms of this License. If you do not or cannot agree to the terms
-of this License, please do not download or use the software.
-
-1. General; Definitions. This License applies to any program or other
-work which Apple Computer, Inc. ("Apple") makes publicly available and
-which contains a notice placed by Apple identifying such program or
-work as "Original Code" and stating that it is subject to the terms of
-this Apple Public Source License version 2.0 ("License"). As used in
-this License:
-
-1.1 "Applicable Patent Rights" mean: (a) in the case where Apple is
-the grantor of rights, (i) claims of patents that are now or hereafter
-acquired, owned by or assigned to Apple and (ii) that cover subject
-matter contained in the Original Code, but only to the extent
-necessary to use, reproduce and/or distribute the Original Code
-without infringement; and (b) in the case where You are the grantor of
-rights, (i) claims of patents that are now or hereafter acquired,
-owned by or assigned to You and (ii) that cover subject matter in Your
-Modifications, taken alone or in combination with Original Code.
-
-1.2 "Contributor" means any person or entity that creates or
-contributes to the creation of Modifications.
-
-1.3 "Covered Code" means the Original Code, Modifications, the
-combination of Original Code and any Modifications, and/or any
-respective portions thereof.
-
-1.4 "Externally Deploy" means: (a) to sublicense, distribute or
-otherwise make Covered Code available, directly or indirectly, to
-anyone other than You; and/or (b) to use Covered Code, alone or as
-part of a Larger Work, in any way to provide a service, including but
-not limited to delivery of content, through electronic communication
-with a client other than You.
-
-1.5 "Larger Work" means a work which combines Covered Code or portions
-thereof with code not governed by the terms of this License.
-
-1.6 "Modifications" mean any addition to, deletion from, and/or change
-to, the substance and/or structure of the Original Code, any previous
-Modifications, the combination of Original Code and any previous
-Modifications, and/or any respective portions thereof. When code is
-released as a series of files, a Modification is: (a) any addition to
-or deletion from the contents of a file containing Covered Code;
-and/or (b) any new file or other representation of computer program
-statements that contains any part of Covered Code.
-
-1.7 "Original Code" means (a) the Source Code of a program or other
-work as originally made available by Apple under this License,
-including the Source Code of any updates or upgrades to such programs
-or works made available by Apple under this License, and that has been
-expressly identified by Apple as such in the header file(s) of such
-work; and (b) the object code compiled from such Source Code and
-originally made available by Apple under this License.
-
-1.8 "Source Code" means the human readable form of a program or other
-work that is suitable for making modifications to it, including all
-modules it contains, plus any associated interface definition files,
-scripts used to control compilation and installation of an executable
-(object code).
-
-1.9 "You" or "Your" means an individual or a legal entity exercising
-rights under this License. For legal entities, "You" or "Your"
-includes any entity which controls, is controlled by, or is under
-common control with, You, where "control" means (a) the power, direct
-or indirect, to cause the direction or management of such entity,
-whether by contract or otherwise, or (b) ownership of fifty percent
-(50%) or more of the outstanding shares or beneficial ownership of
-such entity.
-
-2. Permitted Uses; Conditions & Restrictions. Subject to the terms
-and conditions of this License, Apple hereby grants You, effective on
-the date You accept this License and download the Original Code, a
-world-wide, royalty-free, non-exclusive license, to the extent of
-Apple's Applicable Patent Rights and copyrights covering the Original
-Code, to do the following:
-
-2.1 Unmodified Code. You may use, reproduce, display, perform,
-internally distribute within Your organization, and Externally Deploy
-verbatim, unmodified copies of the Original Code, for commercial or
-non-commercial purposes, provided that in each instance:
-
-(a) You must retain and reproduce in all copies of Original Code the
-copyright and other proprietary notices and disclaimers of Apple as
-they appear in the Original Code, and keep intact all notices in the
-Original Code that refer to this License; and
-
-(b) You must include a copy of this License with every copy of Source
-Code of Covered Code and documentation You distribute or Externally
-Deploy, and You may not offer or impose any terms on such Source Code
-that alter or restrict this License or the recipients' rights
-hereunder, except as permitted under Section 6.
-
-2.2 Modified Code. You may modify Covered Code and use, reproduce,
-display, perform, internally distribute within Your organization, and
-Externally Deploy Your Modifications and Covered Code, for commercial
-or non-commercial purposes, provided that in each instance You also
-meet all of these conditions:
-
-(a) You must satisfy all the conditions of Section 2.1 with respect to
-the Source Code of the Covered Code;
-
-(b) You must duplicate, to the extent it does not already exist, the
-notice in Exhibit A in each file of the Source Code of all Your
-Modifications, and cause the modified files to carry prominent notices
-stating that You changed the files and the date of any change; and
-
-(c) If You Externally Deploy Your Modifications, You must make
-Source Code of all Your Externally Deployed Modifications either
-available to those to whom You have Externally Deployed Your
-Modifications, or publicly available. Source Code of Your Externally
-Deployed Modifications must be released under the terms set forth in
-this License, including the license grants set forth in Section 3
-below, for as long as you Externally Deploy the Covered Code or twelve
-(12) months from the date of initial External Deployment, whichever is
-longer. You should preferably distribute the Source Code of Your
-Externally Deployed Modifications electronically (e.g. download from a
-web site).
-
-2.3 Distribution of Executable Versions. In addition, if You
-Externally Deploy Covered Code (Original Code and/or Modifications) in
-object code, executable form only, You must include a prominent
-notice, in the code itself as well as in related documentation,
-stating that Source Code of the Covered Code is available under the
-terms of this License with information on how and where to obtain such
-Source Code.
-
-2.4 Third Party Rights. You expressly acknowledge and agree that
-although Apple and each Contributor grants the licenses to their
-respective portions of the Covered Code set forth herein, no
-assurances are provided by Apple or any Contributor that the Covered
-Code does not infringe the patent or other intellectual property
-rights of any other entity. Apple and each Contributor disclaim any
-liability to You for claims brought by any other entity based on
-infringement of intellectual property rights or otherwise. As a
-condition to exercising the rights and licenses granted hereunder, You
-hereby assume sole responsibility to secure any other intellectual
-property rights needed, if any. For example, if a third party patent
-license is required to allow You to distribute the Covered Code, it is
-Your responsibility to acquire that license before distributing the
-Covered Code.
-
-3. Your Grants. In consideration of, and as a condition to, the
-licenses granted to You under this License, You hereby grant to any
-person or entity receiving or distributing Covered Code under this
-License a non-exclusive, royalty-free, perpetual, irrevocable license,
-under Your Applicable Patent Rights and other intellectual property
-rights (other than patent) owned or controlled by You, to use,
-reproduce, display, perform, modify, sublicense, distribute and
-Externally Deploy Your Modifications of the same scope and extent as
-Apple's licenses under Sections 2.1 and 2.2 above.
-
-4. Larger Works. You may create a Larger Work by combining Covered
-Code with other code not governed by the terms of this License and
-distribute the Larger Work as a single product. In each such instance,
-You must make sure the requirements of this License are fulfilled for
-the Covered Code or any portion thereof.
-
-5. Limitations on Patent License. Except as expressly stated in
-Section 2, no other patent rights, express or implied, are granted by
-Apple herein. Modifications and/or Larger Works may require additional
-patent licenses from Apple which Apple may grant in its sole
-discretion.
-
-6. Additional Terms. You may choose to offer, and to charge a fee for,
-warranty, support, indemnity or liability obligations and/or other
-rights consistent with the scope of the license granted herein
-("Additional Terms") to one or more recipients of Covered Code.
-However, You may do so only on Your own behalf and as Your sole
-responsibility, and not on behalf of Apple or any Contributor. You
-must obtain the recipient's agreement that any such Additional Terms
-are offered by You alone, and You hereby agree to indemnify, defend
-and hold Apple and every Contributor harmless for any liability
-incurred by or claims asserted against Apple or such Contributor by
-reason of any such Additional Terms.
-
-7. Versions of the License. Apple may publish revised and/or new
-versions of this License from time to time. Each version will be given
-a distinguishing version number. Once Original Code has been published
-under a particular version of this License, You may continue to use it
-under the terms of that version. You may also choose to use such
-Original Code under the terms of any subsequent version of this
-License published by Apple. No one other than Apple has the right to
-modify the terms applicable to Covered Code created under this
-License.
-
-8. NO WARRANTY OR SUPPORT. The Covered Code may contain in whole or in
-part pre-release, untested, or not fully tested works. The Covered
-Code may contain errors that could cause failures or loss of data, and
-may be incomplete or contain inaccuracies. You expressly acknowledge
-and agree that use of the Covered Code, or any portion thereof, is at
-Your sole and entire risk. THE COVERED CODE IS PROVIDED "AS IS" AND
-WITHOUT WARRANTY, UPGRADES OR SUPPORT OF ANY KIND AND APPLE AND
-APPLE'S LICENSOR(S) (COLLECTIVELY REFERRED TO AS "APPLE" FOR THE
-PURPOSES OF SECTIONS 8 AND 9) AND ALL CONTRIBUTORS EXPRESSLY DISCLAIM
-ALL WARRANTIES AND/OR CONDITIONS, EXPRESS OR IMPLIED, INCLUDING, BUT
-NOT LIMITED TO, THE IMPLIED WARRANTIES AND/OR CONDITIONS OF
-MERCHANTABILITY, OF SATISFACTORY QUALITY, OF FITNESS FOR A PARTICULAR
-PURPOSE, OF ACCURACY, OF QUIET ENJOYMENT, AND NONINFRINGEMENT OF THIRD
-PARTY RIGHTS. APPLE AND EACH CONTRIBUTOR DOES NOT WARRANT AGAINST
-INTERFERENCE WITH YOUR ENJOYMENT OF THE COVERED CODE, THAT THE
-FUNCTIONS CONTAINED IN THE COVERED CODE WILL MEET YOUR REQUIREMENTS,
-THAT THE OPERATION OF THE COVERED CODE WILL BE UNINTERRUPTED OR
-ERROR-FREE, OR THAT DEFECTS IN THE COVERED CODE WILL BE CORRECTED. NO
-ORAL OR WRITTEN INFORMATION OR ADVICE GIVEN BY APPLE, AN APPLE
-AUTHORIZED REPRESENTATIVE OR ANY CONTRIBUTOR SHALL CREATE A WARRANTY.
-You acknowledge that the Covered Code is not intended for use in the
-operation of nuclear facilities, aircraft navigation, communication
-systems, or air traffic control machines in which case the failure of
-the Covered Code could lead to death, personal injury, or severe
-physical or environmental damage.
-
-9. LIMITATION OF LIABILITY. TO THE EXTENT NOT PROHIBITED BY LAW, IN NO
-EVENT SHALL APPLE OR ANY CONTRIBUTOR BE LIABLE FOR ANY INCIDENTAL,
-SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES ARISING OUT OF OR RELATING
-TO THIS LICENSE OR YOUR USE OR INABILITY TO USE THE COVERED CODE, OR
-ANY PORTION THEREOF, WHETHER UNDER A THEORY OF CONTRACT, WARRANTY,
-TORT (INCLUDING NEGLIGENCE), PRODUCTS LIABILITY OR OTHERWISE, EVEN IF
-APPLE OR SUCH CONTRIBUTOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
-DAMAGES AND NOTWITHSTANDING THE FAILURE OF ESSENTIAL PURPOSE OF ANY
-REMEDY. SOME JURISDICTIONS DO NOT ALLOW THE LIMITATION OF LIABILITY OF
-INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS LIMITATION MAY NOT APPLY
-TO YOU. In no event shall Apple's total liability to You for all
-damages (other than as may be required by applicable law) under this
-License exceed the amount of fifty dollars ($50.00).
-
-10. Trademarks. This License does not grant any rights to use the
-trademarks or trade names "Apple", "Apple Computer", "Mac", "Mac OS",
-"QuickTime", "QuickTime Streaming Server" or any other trademarks,
-service marks, logos or trade names belonging to Apple (collectively
-"Apple Marks") or to any trademark, service mark, logo or trade name
-belonging to any Contributor. You agree not to use any Apple Marks in
-or as part of the name of products derived from the Original Code or
-to endorse or promote products derived from the Original Code other
-than as expressly permitted by and in strict compliance at all times
-with Apple's third party trademark usage guidelines which are posted
-at http://www.apple.com/legal/guidelinesfor3rdparties.html.
-
-11. Ownership. Subject to the licenses granted under this License,
-each Contributor retains all rights, title and interest in and to any
-Modifications made by such Contributor. Apple retains all rights,
-title and interest in and to the Original Code and any Modifications
-made by or on behalf of Apple ("Apple Modifications"), and such Apple
-Modifications will not be automatically subject to this License. Apple
-may, at its sole discretion, choose to license such Apple
-Modifications under this License, or on different terms from those
-contained in this License or may choose not to license them at all.
-
-12. Termination.
-
-12.1 Termination. This License and the rights granted hereunder will
-terminate:
-
-(a) automatically without notice from Apple if You fail to comply with
-any term(s) of this License and fail to cure such breach within 30
-days of becoming aware of such breach;
-
-(b) immediately in the event of the circumstances described in Section
-13.5(b); or
-
-(c) automatically without notice from Apple if You, at any time during
-the term of this License, commence an action for patent infringement
-against Apple; provided that Apple did not first commence
-an action for patent infringement against You in that instance.
-
-12.2 Effect of Termination. Upon termination, You agree to immediately
-stop any further use, reproduction, modification, sublicensing and
-distribution of the Covered Code. All sublicenses to the Covered Code
-which have been properly granted prior to termination shall survive
-any termination of this License. Provisions which, by their nature,
-should remain in effect beyond the termination of this License shall
-survive, including but not limited to Sections 3, 5, 8, 9, 10, 11,
-12.2 and 13. No party will be liable to any other for compensation,
-indemnity or damages of any sort solely as a result of terminating
-this License in accordance with its terms, and termination of this
-License will be without prejudice to any other right or remedy of
-any party.
-
-13. Miscellaneous.
-
-13.1 Government End Users. The Covered Code is a "commercial item" as
-defined in FAR 2.101. Government software and technical data rights in
-the Covered Code include only those rights customarily provided to the
-public as defined in this License. This customary commercial license
-in technical data and software is provided in accordance with FAR
-12.211 (Technical Data) and 12.212 (Computer Software) and, for
-Department of Defense purchases, DFAR 252.227-7015 (Technical Data --
-Commercial Items) and 227.7202-3 (Rights in Commercial Computer
-Software or Computer Software Documentation). Accordingly, all U.S.
-Government End Users acquire Covered Code with only those rights set
-forth herein.
-
-13.2 Relationship of Parties. This License will not be construed as
-creating an agency, partnership, joint venture or any other form of
-legal association between or among You, Apple or any Contributor, and
-You will not represent to the contrary, whether expressly, by
-implication, appearance or otherwise.
-
-13.3 Independent Development. Nothing in this License will impair
-Apple's right to acquire, license, develop, have others develop for
-it, market and/or distribute technology or products that perform the
-same or similar functions as, or otherwise compete with,
-Modifications, Larger Works, technology or products that You may
-develop, produce, market or distribute.
-
-13.4 Waiver; Construction. Failure by Apple or any Contributor to
-enforce any provision of this License will not be deemed a waiver of
-future enforcement of that or any other provision. Any law or
-regulation which provides that the language of a contract shall be
-construed against the drafter will not apply to this License.
-
-13.5 Severability. (a) If for any reason a court of competent
-jurisdiction finds any provision of this License, or portion thereof,
-to be unenforceable, that provision of the License will be enforced to
-the maximum extent permissible so as to effect the economic benefits
-and intent of the parties, and the remainder of this License will
-continue in full force and effect. (b) Notwithstanding the foregoing,
-if applicable law prohibits or restricts You from fully and/or
-specifically complying with Sections 2 and/or 3 or prevents the
-enforceability of either of those Sections, this License will
-immediately terminate and You must immediately discontinue any use of
-the Covered Code and destroy all copies of it that are in your
-possession or control.
-
-13.6 Dispute Resolution. Any litigation or other dispute resolution
-between You and Apple relating to this License shall take place in the
-Northern District of California, and You and Apple hereby consent to
-the personal jurisdiction of, and venue in, the state and federal
-courts within that District with respect to this License. The
-application of the United Nations Convention on Contracts for the
-International Sale of Goods is expressly excluded.
-
-13.7 Entire Agreement; Governing Law. This License constitutes the
-entire agreement between the parties with respect to the subject
-matter hereof. This License shall be governed by the laws of the
-United States and the State of California, except that body of
-California law concerning conflicts of law.
-
-Where You are located in the province of Quebec, Canada, the following
-clause applies: The parties hereby confirm that they have requested
-that this License and all related documents be drafted in English. Les
-parties ont exige que le present contrat et tous les documents
-connexes soient rediges en anglais.
-
-EXHIBIT A.
-
-"Portions Copyright (c) 1999-2003 Apple Computer, Inc. All Rights
-Reserved.
-
-This file contains Original Code and/or Modifications of Original Code
-as defined in and that are subject to the Apple Public Source License
-Version 2.0 (the 'License'). You may not use this file except in
-compliance with the License. Please obtain a copy of the License at
-http://www.opensource.apple.com/apsl/ and read it before using this
-file.
-
-The Original Code and all software distributed under the License are
-distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
-EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
-INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
-Please see the License for the specific language governing rights and
-limitations under the License."
@@ -1,252 +0,0 @@
-This file is auto-generated by tools/dev/update_gem_licenses.sh
-Ascii85, 2.0.1, MIT
-aarch64, 2.1.0, "Apache 2.0"
-abbrev, 0.1.2, "ruby, Simplified BSD"
-actionpack, 7.2.2.2, MIT
-actionview, 7.2.2.2, MIT
-activemodel, 7.2.2.2, MIT
-activerecord, 7.2.2.2, MIT
-activesupport, 7.2.2.2, MIT
-addressable, 2.8.7, "Apache 2.0"
-afm, 0.2.2, MIT
-allure-rspec, 2.27.0, "Apache 2.0"
-allure-ruby-commons, 2.27.0, "Apache 2.0"
-arel-helpers, 2.16.0, MIT
-ast, 2.4.3, MIT
-aws-eventstream, 1.3.2, "Apache 2.0"
-aws-partitions, 1.1065.0, "Apache 2.0"
-aws-sdk-core, 3.220.1, "Apache 2.0"
-aws-sdk-ec2, 1.511.0, "Apache 2.0"
-aws-sdk-ec2instanceconnect, 1.55.0, "Apache 2.0"
-aws-sdk-iam, 1.119.0, "Apache 2.0"
-aws-sdk-kms, 1.99.0, "Apache 2.0"
-aws-sdk-s3, 1.182.0, "Apache 2.0"
-aws-sdk-ssm, 1.191.0, "Apache 2.0"
-aws-sigv4, 1.11.0, "Apache 2.0"
-base64, 0.3.0, "ruby, Simplified BSD"
-bcrypt, 3.1.20, MIT
-bcrypt_pbkdf, 1.1.1, MIT
-benchmark, 0.4.1, "ruby, Simplified BSD"
-bigdecimal, 3.3.1, "ruby, Simplified BSD"
-bindata, 2.4.15, "Simplified BSD"
-bootsnap, 1.18.4, MIT
-bson, 5.1.1, "Apache 2.0"
-builder, 3.3.0, MIT
-bundler, 2.5.22, MIT
-byebug, 12.0.0, "Simplified BSD"
-chunky_png, 1.4.0, MIT
-coderay, 1.1.3, MIT
-concurrent-ruby, 1.3.5, MIT
-connection_pool, 2.5.4, MIT
-cookiejar, 0.3.4, "Simplified BSD"
-crack, 1.0.1, MIT
-crass, 1.0.6, MIT
-csv, 3.3.2, "ruby, Simplified BSD"
-daemons, 1.4.1, MIT
-date, 3.4.1, "ruby, Simplified BSD"
-debug, 1.11.0, "ruby, Simplified BSD"
-diff-lcs, 1.6.2, "MIT, Artistic-1.0-Perl, GPL-2.0-or-later"
-dnsruby, 1.73.1, "Apache 2.0"
-docile, 1.4.1, MIT
-domain_name, 0.6.20240107, "Simplified BSD, New BSD, Mozilla Public License 2.0"
-drb, 2.2.3, "ruby, Simplified BSD"
-ed25519, 1.4.0, MIT
-elftools, 1.3.1, MIT
-em-http-request, 1.1.7, MIT
-em-socksify, 0.3.3, MIT
-erb, 5.0.3, "ruby, Simplified BSD"
-erubi, 1.13.1, MIT
-eventmachine, 1.2.7, "ruby, GPL-2.0"
-factory_bot, 6.5.5, MIT
-factory_bot_rails, 6.5.1, MIT
-faker, 3.5.1, MIT
-faraday, 2.7.11, MIT
-faraday-net_http, 3.0.2, MIT
-faraday-retry, 2.2.1, MIT
-faye-websocket, 0.11.3, "Apache 2.0"
-ffi, 1.16.3, "New BSD"
-fiddle, 1.1.6, "ruby, Simplified BSD"
-filesize, 0.2.0, MIT
-fivemat, 1.3.7, MIT
-forwardable, 1.3.3, "ruby, Simplified BSD"
-getoptlong, 0.2.1, "ruby, Simplified BSD"
-gssapi, 1.3.1, MIT
-gyoku, 1.4.0, MIT
-hashdiff, 1.2.1, MIT
-hashery, 2.1.2, "Simplified BSD"
-hrr_rb_ssh, 0.4.2, "Apache 2.0"
-hrr_rb_ssh-ed25519, 0.4.2, "Apache 2.0"
-http-accept, 1.7.0, MIT
-http-cookie, 1.0.8, MIT
-http_parser.rb, 0.8.0, MIT
-httpclient, 2.9.0, ruby
-i18n, 1.14.7, MIT
-io-console, 0.8.1, "ruby, Simplified BSD"
-ipaddr, 1.2.7, "ruby, Simplified BSD"
-irb, 1.15.2, "ruby, Simplified BSD"
-jmespath, 1.6.2, "Apache 2.0"
-jsobfu, 0.4.2, "New BSD"
-json, 2.15.1, ruby
-json-schema, 6.2.0, MIT
-language_server-protocol, 3.17.0.5, MIT
-license_finder, 5.11.1, MIT
-lint_roller, 1.1.0, MIT
-little-plugger, 1.1.4, MIT
-logger, 1.7.0, "ruby, Simplified BSD"
-logging, 2.4.0, MIT
-loofah, 2.24.1, MIT
-lru_redux, 1.1.0, MIT
-mcp, 0.13.0, "Apache 2.0"
-memory_profiler, 1.1.0, MIT
-metasm, 1.0.5, LGPL-2.1
-metasploit-concern, 5.0.5, "New BSD"
-metasploit-credential, 6.0.23, "New BSD"
-metasploit-framework, 6.4.133, "New BSD"
-metasploit-model, 5.0.4, "New BSD"
-metasploit-payloads, 2.0.245, "3-clause (or ""modified"") BSD"
-metasploit_data_models, 6.0.18, "New BSD"
-metasploit_payloads-mettle, 1.0.46, "3-clause (or ""modified"") BSD"
-method_source, 1.1.0, MIT
-mime-types, 3.7.0, MIT
-mime-types-data, 3.2025.0924, MIT
-mini_portile2, 2.8.9, MIT
-minitest, 5.25.5, MIT
-mqtt, 0.7.0, MIT
-msgpack, 1.6.1, "Apache 2.0"
-multi_json, 1.15.0, MIT
-mustermann, 3.0.3, MIT
-mutex_m, 0.3.0, "ruby, Simplified BSD"
-nessus_rest, 0.1.6, MIT
-net-imap, 0.5.6, "ruby, Simplified BSD"
-net-ldap, 0.19.0, MIT
-net-protocol, 0.2.2, "ruby, Simplified BSD"
-net-sftp, 4.0.0, MIT
-net-smtp, 0.5.1, "ruby, Simplified BSD"
-net-ssh, 7.3.0, MIT
-netrc, 0.11.0, MIT
-network_interface, 0.0.4, MIT
-nexpose, 7.3.0, "New BSD"
-nio4r, 2.7.4, "MIT, Simplified BSD"
-nokogiri, 1.18.10, MIT
-nori, 2.7.1, MIT
-octokit, 10.0.0, MIT
-openssl-ccm, 1.2.3, MIT
-openssl-cmac, 2.0.2, MIT
-openvas-omp, 0.0.4, MIT
-ostruct, 0.6.1, "ruby, Simplified BSD"
-packetfu, 2.0.0, "New BSD"
-parallel, 1.27.0, MIT
-parser, 3.3.9.0, MIT
-parslet, 1.8.2, MIT
-patch_finder, 1.0.2, "New BSD"
-pcaprub, 0.13.3, LGPL-2.1
-pdf-reader, 2.14.1, MIT
-pg, 1.5.9, "Simplified BSD"
-pp, 0.6.3, "ruby, Simplified BSD"
-prettyprint, 0.2.0, "ruby, Simplified BSD"
-prism, 1.5.1, MIT
-pry, 0.15.2, MIT
-pry-byebug, 3.11.0, MIT
-psych, 5.2.6, MIT
-public_suffix, 6.0.2, MIT
-puma, 6.6.0, "New BSD"
-racc, 1.8.1, "ruby, Simplified BSD"
-rack, 2.2.19, MIT
-rack-protection, 3.2.0, MIT
-rack-session, 1.0.2, MIT
-rack-test, 2.2.0, MIT
-rackup, 1.0.1, MIT
-rails-dom-testing, 2.3.0, MIT
-rails-html-sanitizer, 1.6.2, MIT
-railties, 7.2.2.2, MIT
-rainbow, 3.1.1, MIT
-rake, 13.3.0, MIT
-rasn1, 0.14.0, MIT
-rb-readline, 0.5.5, BSD
-rdoc, 6.15.0, ruby
-recog, 3.1.14, unknown
-redcarpet, 3.6.1, MIT
-regexp_parser, 2.11.3, MIT
-reline, 0.6.2, ruby
-require_all, 3.0.0, MIT
-rest-client, 2.1.0, MIT
-rex-arch, 0.1.20, "New BSD"
-rex-bin_tools, 0.1.16, "New BSD"
-rex-core, 0.1.36, "New BSD"
-rex-encoder, 0.1.10, "New BSD"
-rex-exploitation, 0.1.44, "New BSD"
-rex-java, 0.1.8, "New BSD"
-rex-mime, 0.1.11, "New BSD"
-rex-nop, 0.1.4, "New BSD"
-rex-ole, 0.1.9, "New BSD"
-rex-powershell, 0.1.103, "New BSD"
-rex-random_identifier, 0.1.21, "New BSD"
-rex-registry, 0.1.6, "New BSD"
-rex-rop_builder, 0.1.6, "New BSD"
-rex-socket, 0.1.65, "New BSD"
-rex-sslscan, 0.1.13, "New BSD"
-rex-struct2, 0.1.5, "New BSD"
-rex-text, 0.2.63, "New BSD"
-rex-zip, 0.1.6, "New BSD"
-rexml, 3.4.1, "Simplified BSD"
-rinda, 0.2.0, "ruby, Simplified BSD"
-rkelly-remix, 0.0.7, MIT
-rspec, 3.13.1, MIT
-rspec-core, 3.13.5, MIT
-rspec-expectations, 3.13.5, MIT
-rspec-mocks, 3.13.5, MIT
-rspec-rails, 8.0.2, MIT
-rspec-rerun, 1.1.0, MIT
-rspec-support, 3.13.6, MIT
-rubocop, 1.75.7, MIT
-rubocop-ast, 1.47.1, MIT
-ruby-macho, 4.1.0, MIT
-ruby-mysql, 4.2.0, MIT
-ruby-prof, 1.7.2, "Simplified BSD"
-ruby-progressbar, 1.13.0, MIT
-ruby-rc4, 0.1.5, MIT
-ruby2_keywords, 0.0.5, "ruby, Simplified BSD"
-ruby_smb, 3.3.17, "New BSD"
-rubyntlm, 0.6.5, MIT
-rubyzip, 2.4.1, "Simplified BSD"
-sawyer, 0.9.2, MIT
-securerandom, 0.4.1, "ruby, Simplified BSD"
-simplecov, 0.18.2, MIT
-simplecov-html, 0.13.1, MIT
-simpleidn, 0.2.3, MIT
-sinatra, 3.2.0, MIT
-sqlite3, 1.7.3, "New BSD"
-sshkey, 3.0.0, MIT
-stringio, 3.1.1, "ruby, Simplified BSD"
-strptime, 0.2.5, "Simplified BSD"
-swagger-blocks, 3.0.0, MIT
-syslog, 0.3.0, "ruby, Simplified BSD"
-test-prof, 1.4.4, MIT
-thin, 1.8.2, "GPL-2.0+, ruby"
-thor, 1.4.0, MIT
-tilt, 2.6.0, MIT
-timecop, 0.9.10, MIT
-timeout, 0.4.3, "ruby, Simplified BSD"
-toml, 0.2.0, MIT
-tsort, 0.2.0, "ruby, Simplified BSD"
-ttfunk, 1.8.0, "Nonstandard, GPL-2.0-only, GPL-3.0-only"
-tzinfo, 2.0.6, MIT
-tzinfo-data, 1.2025.1, MIT
-unicode-display_width, 3.2.0, MIT
-unicode-emoji, 4.1.0, MIT
-unix-crypt, 1.3.1, 0BSD
-useragent, 0.16.11, MIT
-warden, 1.2.9, MIT
-webmock, 3.26.2, MIT
-webrick, 1.9.1, "ruby, Simplified BSD"
-websocket-driver, 0.7.7, "Apache 2.0"
-websocket-extensions, 0.1.5, "Apache 2.0"
-win32api, 0.1.0, unknown
-windows_error, 0.1.5, BSD
-winrm, 2.3.9, "Apache 2.0"
-with_env, 1.1.0, MIT
-xdr, 3.0.3, "Apache 2.0"
-xml-simple, 1.1.9, MIT
-xmlrpc, 0.3.3, "ruby, Simplified BSD"
-yard, 0.9.37, MIT
-zeitwerk, 2.7.3, MIT
@@ -1,52 +1,55 @@
-# Metasploit Framework

-The Metasploit Framework is an open-source tool released under a BSD-style license. For detailed licensing information, refer to the `COPYING` file.
+Metasploit [![Build Status](https://travis-ci.org/rapid7/metasploit-framework.png)](https://travis-ci.org/rapid7/metasploit-framework) [![Code Climate](https://codeclimate.com/badge.png)](https://codeclimate.com/github/rapid7/metasploit-framework)
+==
+The Metasploit Framework is released under a BSD-style license. See
+COPYING for more details.

-## Latest Version
-Access the latest version of Metasploit from the [Nightly Installers](https://docs.metasploit.com/docs/using-metasploit/getting-started/nightly-installers.html) page.
+The latest version of this software is available from http://metasploit.com/

-## Documentation
-Comprehensive documentation, including usage guides, is available at [Metasploit Docs](https://docs.metasploit.com/).
+Bug tracking and development information can be found at:
+ https://dev.metasploit.com/redmine/projects/framework/

-## Development Environment
-To set up a development environment, visit the [Development Setup Guide](https://docs.metasploit.com/docs/development/get-started/setting-up-a-metasploit-development-environment.html).
+The public GitHub source repository can be found at:
+ https://github.com/rapid7/metasploit-framework

-## Bug and Feature Requests
-Submit bugs and feature requests via the [GitHub Issues](https://github.com/rapid7/metasploit-framework/issues) tracker. New submissions can be made through the [MSF-BUGv1 form](https://github.com/rapid7/metasploit-framework/issues/new/choose).
+Questions and suggestions can be sent to:
+ msfdev(at)metasploit.com

-## API Documentation
-For information on writing modules, refer to the [API Documentation](https://docs.metasploit.com/api/).
+The framework mailing list is the place to discuss features and ask for help.
+To subscribe, visit the following web page:
+ https://mail.metasploit.com/mailman/listinfo/framework

-## Support and Communication
-For questions and suggestions, you can:
+The mailing list archives are available from:
+ https://mail.metasploit.com/pipermail/framework/

- Join our [GitHub Discussions](https://github.com/rapid7/metasploit-framework/discussions) for community support and general questions
- Join the [Metasploit Slack](https://join.slack.com/t/metasploit/shared_invite/zt-30i688it0-mJsFGT44IMtdeZi1DraamQ) for real-time chat
- Submit [GitHub Issues](https://github.com/rapid7/metasploit-framework/issues) for bug reports and feature requests
- Follow [@metasploit](https://x.com/metasploit) on X or [@metasploit@infosec.exchange](https://infosec.exchange/@metasploit) on Mastodon for updates
+Installing
+--
+Generally, you should use the installer which contains all dependencies
+and will get you up and running with a few clicks. See the [Dev
+Environment Setup][wiki-devenv] if you'd like to deal with dependencies
+on your own.

-**Note:** Some community members may still use IRC channels and the metasploit-hackers mailing list, though the primary support channels are now GitHub Discussions and Slack.
+Using Metasploit
+--
+Metasploit can do all sorts of things. The first thing you'll want to do
+is start `msfconsole`, but after that, you'll probably be best served by
+reading some of the great tutorials online:

-## Installing Metasploit
+  * [Metasploit Unleashed][unleashed]
+  * [The official Metasploit wiki on Github][wiki-start]

-### Recommended Installation
+Contributing
+--
+See the [Dev Environment Setup][wiki-devenv] guide on GitHub which will
+walk you through the whole process starting from installing all the
+dependencies, to cloning the repository, and finally to submitting a
+pull request. For slightly more info, see
+[Contributing](https://github.com/rapid7/metasploit-framework/blob/master/CONTRIBUTING.md).

-We recommend installation with the [official Metasploit installers](https://docs.metasploit.com/docs/using-metasploit/getting-started/nightly-installers.html#installing-metasploit-on-linux--macos) on Linux or macOS. Metasploit is also pre-installed with Kali.

-For a manual setup, consult the [Dev Environment Setup](https://docs.metasploit.com/docs/development/get-started/setting-up-a-metasploit-development-environment.html) guide.
+[wiki-devenv]: https://github.com/rapid7/metasploit-framework/wiki/Metasploit-Development-Environment "Metasploit Development Environment Setup"
+[wiki-start]: https://github.com/rapid7/metasploit-framework/wiki/ "Metasploit Wiki"
+[wiki-usage]: https://github.com/rapid7/metasploit-framework/wiki/Using-Metasploit "Using Metasploit"
+[unleashed]: http://www.offensive-security.com/metasploit-unleashed/ "Metasploit Unleashed"

-## Using Metasploit

-To get started with Metasploit:
-
-1. **Start `msfconsole`:** This is the primary interface for interacting with Metasploit.
-2. **Explore Resources:** 
-   - Visit the [Using Metasploit](https://docs.metasploit.com/docs/using-metasploit/getting-started/index.html) section of the documentation.
-
-## Contributing
-
-To contribute to Metasploit:
-
-1. **Setup Development Environment:** Follow the instructions in the [Development Setup Guide](https://docs.metasploit.com/docs/development/get-started/setting-up-a-metasploit-development-environment.html) on GitHub.
-2. **Clone the Repository:** Obtain the source code from the official repository.
-3. **Submit a Pull Request:** After making changes, submit a pull request for review. Additional details can be found in the [Contributing Guide](https://github.com/rapid7/metasploit-framework/blob/master/CONTRIBUTING.md).
@@ -1,30 +1,47 @@
-#!/usr/bin/env rake
-require File.expand_path('../config/application', __FILE__)
-require 'msfenv'
-require 'metasploit/framework/require'
-require 'metasploit/framework/spec/untested_payloads'
+require 'bundler/setup'

-# @note must be before `Metasploit::Framework::Application.load_tasks`
-#
-# define db rake tasks from activerecord if activerecord is in the bundle.  activerecord could be not in the bundle if
-# the user installs with `bundle install --without db`
-Metasploit::Framework::Require.optionally_active_record_railtie
+require 'rspec/core/rake_task'
+require 'yard'

-begin
-  require 'rspec/core'
-  require 'rspec-rerun/tasks'
-rescue LoadError
-  puts "rspec not in bundle, so can't set up spec tasks.  " \
-       "To run specs ensure to install the development and test groups."
-  puts "Bundle currently installed '--without #{Bundler.settings.without.join(' ')}'."
-  puts "To clear the without option do `bundle install --without ''` (the --without flag with an empty string) or " \
-       "`rm -rf .bundle` to remove the .bundle/config manually and then `bundle install`"
-else
-  require 'rspec/core/rake_task'
-  RSpec::Core::RakeTask.new(spec: 'db:test:prepare')
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec
+
+namespace :yard do
+  yard_files = [
+      # Ruby source files first
+      'lib/msf/**/*.rb',
+      'lib/rex/**/*.rb',
+      # Anything after '-' is a normal documentation, not source
+      '-',
+      'COPYING',
+      'HACKING',
+      'THIRD-PARTY.md'
+  ]
+  yard_options = [
+      # include documentation for protected methods for developers extending the code.
+      '--protected'
+  ]
+
+  YARD::Rake::YardocTask.new(:doc) do |t|
+    t.files = yard_files
+    # --no-stats here as 'stats' task called after will print fuller stats
+    t.options = yard_options + ['--no-stats']
+
+    t.after = Proc.new {
+      Rake::Task['yard:stats'].execute
+    }
+  end
+
+  desc "Shows stats for YARD Documentation including listing undocumented modules, classes, constants, and methods"
+  task :stats => :environment do
+    stats = YARD::CLI::Stats.new
+    yard_arguments = yard_options + ['--compact', '--list-undoc'] + yard_files
+    stats.run(*yard_arguments)
+  end
 end

-Metasploit::Framework::Application.load_tasks
-Metasploit::Framework::Spec::Constants.define_task
-Metasploit::Framework::Spec::Threads::Suite.define_task
-Metasploit::Framework::Spec::UntestedPayloads.define_task
+# @todo Figure out how to just clone description from yard:doc
+desc "Generate YARD documentation"
+# allow calling namespace to as a task that goes to default task for namespace
+task :yard => ['yard:doc']
@@ -1,57 +0,0 @@
-# -*- mode: ruby -*-
-# vi: set ft=ruby :
-
-display_name = "metasploit-framework"
-
-Vagrant.configure(2) do |config|
-  config.ssh.forward_x11 = true
-  config.vm.box = "hashicorp/bionic64" # https://app.vagrantup.com/hashicorp/boxes/bionic64
-  config.vm.network :forwarded_port, guest: 4444, host: 4444
-  config.vm.provider "vmware_desktop" do |v|
-	  v.memory = 2048
-	  v.cpus = 2
-    v.vmx['displayname'] = display_name
-    #v.gui = true # uncomment to show VM in your hypervisor's GUI
-  end
-  config.vm.provider "virtualbox" do |v|
-    v.name = display_name
-	  v.memory = 2048
-	  v.cpus = 2
-    #v.gui = true # uncomment to show VM in your hypervisor's GUI
-  end
-  %w(.vimrc .gitconfig).each do |f|
-    local = File.expand_path "~/#{f}"
-    if File.exist? local
-      config.vm.provision "file", source: local, destination: f
-    end
-  end
-
-  [ #"echo 127.0.1.1 `cat /etc/hostname` >> /etc/hosts", work around a bug in official Ubuntu Xenial cloud images
-    "apt-get update",
-    "apt-get dist-upgrade -y",
-    "apt-get -y install curl build-essential git tig vim john nmap libpq-dev libpcap-dev gnupg2 fortune postgresql postgresql-contrib",
-  ].each do |step|
-    config.vm.provision "shell", inline: step
-  end
-
-  [ # use the rvm install method used in omnibus install
-    # only show stderr when gpg really fails. avoids superfluous stderr from gpg
-    'out=`curl -sSL https://rvm.io/mpapis.asc | gpg --import - 2>&1` && echo "imported mpapis.asc" || echo $out 1>&2',
-    'out=`curl -sSL https://rvm.io/pkuczynski.asc | gpg --import - 2>&1` && echo "imported pkuczynski.asc" || echo $out 1>&2',
-    'out=`curl -L -sSL https://get.rvm.io | bash -s stable 2>&1` && echo "rvm installed" || echo $out 1>&2',
-    # only install Ruby if the right version isn't already present
-    "echo 'Installing Ruby if necessary'",
-    'cd /vagrant && rv=`cat .ruby-version` && source ~/.rvm/scripts/rvm && rvm list strings | grep -q $rv || rvm install $rv',
-    'source ~/.rvm/scripts/rvm && cd /vagrant && gem install --quiet bundler && bundle',
-    'mkdir -p ~/.msf4',
-  ].each do |step|
-    config.vm.provision "shell", privileged: false, inline: step
-  end
-  config.vm.provision "file", source: "config/database.yml.vagrant", destination: "~/.msf4/database.yml"
-
-  config.vm.provision "shell", inline: "sudo -u postgres psql postgres -tAc \"SELECT 1 FROM pg_roles WHERE rolname='vagrant'\" | grep -q 1 || sudo -u postgres createuser -s -e -w vagrant && sudo -u postgres psql -c \"ALTER USER vagrant with ENCRYPTED PASSWORD 'vagrant';\""
-
-  ["msf_dev_db", "msf_test_db"].each do |database|
-    config.vm.provision "shell", inline: "sudo -u postgres psql -lqt | awk '{ print $1 }' | grep -w #{database} | wc -l | grep -q 1 || sudo -u postgres createdb --owner vagrant #{database}"
-  end
-end
@@ -1 +0,0 @@
-This directory contains ActiveRecord concerns, models and validators.
@@ -1,82 +0,0 @@
-module Mdm::Workspace::BoundaryRange
-  extend ActiveSupport::Concern
-
-  included do
-    #
-    # Validations
-    #
-
-    validate :boundary_must_be_ip_range
-
-    #
-    # Instance Methods
-    #
-
-    # If {#limit_to_network} is disabled, this will always return `true`.
-    # Otherwise, return `true` only if all of the given IPs are within the
-    # project {#boundary boundaries}.
-
-    #
-    # @param ips [String] IP range(s)
-    # @return [true] if actions on ips are allowed.
-    # @return [false] if actions are not allowed on ips.
-    def allow_actions_on?(ips)
-      return true unless limit_to_network
-      return true unless boundary
-      return true if boundary.empty?
-      boundaries = Shellwords.split(boundary)
-      return true if boundaries.empty? # It's okay if there is no boundary range after all
-      given_range = Rex::Socket::RangeWalker.new(ips)
-      return false unless given_range # Can't do things to nonexistant IPs
-      allowed = false
-      boundaries.each do |boundary_range|
-        ok_range = Rex::Socket::RangeWalker.new(boundary)
-        allowed  = true if ok_range.include_range? given_range
-      end
-      return allowed
-    end
-
-    # Validates that {#boundary} is {#valid_ip_or_range? a valid IP address or
-    # IP address range}. Due to this not being tested before it was moved here
-    # from Mdm, the default workspace does not validate. We always validate boundaries
-    # and a workspace may have a blank default boundary.
-    #
-    # @return [void]
-    def boundary_must_be_ip_range
-      unless boundary.blank?
-        begin
-          boundaries = Shellwords.split(boundary)
-        rescue ArgumentError
-          boundaries = []
-        end
-
-        boundaries.each do |range|
-          unless valid_ip_or_range?(range)
-            errors.add(:boundary, "must be a valid IP range")
-          end
-        end
-      end
-    end
-
-    # Returns an array of addresses ranges
-    #
-    # @return [Array<String>]
-    def addresses
-      (boundary || "").split("\n")
-    end
-
-    private
-
-    # Returns whether `string` is a valid IP address or IP address range.
-    #
-    # @return [true] if valid IP address or IP address range.
-    # @return [false] otherwise.
-    def valid_ip_or_range?(string)
-      range = Rex::Socket::RangeWalker.new(string)
-      range && range.ranges && range.ranges.any?
-    end
-
-  end
-
-
-end
@@ -1,23 +0,0 @@
-# Adds associations to `Metasploit::Credential::Core` which are inverses of association on models under
-# {BruteForce::Reuse}.
-require 'metasploit/framework/credential'
-
-module Metasploit::Credential::Core::ToCredential
-  extend ActiveSupport::Concern
-  
-  included do
-    
-    def to_credential
-      Metasploit::Framework::Credential.new(
-        public:       public.try(:username) || '',
-        private:      private.try(:data)    || '',
-        private_type: private.try(:type).try(:demodulize).try(:underscore).try(:to_sym), 
-        realm:        realm.try(:value), 
-        realm_key:    realm.try(:key),
-        parent:       self
-      )
-    end
-    
-  end
-  
-end
@@ -1,5 +0,0 @@
-class ApplicationRecord < ActiveRecord::Base
-  self.abstract_class = true
-  include ArelHelpers::ArelTable
-  include ArelHelpers::JoinAssociation
-end
@@ -1,2 +0,0 @@
-require 'metasploit/framework/file_path_validator'
-require 'metasploit/framework/executable_path_validator'
@@ -1,16 +0,0 @@
-module Metasploit
-  module Framework
-    # This is a ActiveModel custom validator that assumes the attribute
-    # is supposed to be the path to a regular file. It checks whether the
-    # file exists and whether or not it is an executable file.
-    class ExecutablePathValidator < ActiveModel::EachValidator
-
-      def validate_each(record, attribute, value)
-        unless ::File.executable? value
-          record.errors.add(attribute, (options[:message] || "is not a valid path to an executable file"))
-        end
-      end
-    end
-  end
-end
-
@@ -1,16 +0,0 @@
-module Metasploit
-  module Framework
-    # This is a ActiveModel custom validator that assumes the attribute
-    # is supposed to be the path to a regular file. It checks whether the
-    # file exists and whether or not it is a regular file.
-    class FilePathValidator < ActiveModel::EachValidator
-
-      def validate_each(record, attribute, value)
-        unless value && ::File.file?(value)
-          record.errors.add(attribute, (options[:message] || "is not a valid path to a regular file"))
-        end
-      end
-    end
-  end
-end
-
@@ -0,0 +1,19 @@
+#!/usr/bin/env ruby
+#
+# $Id$
+#
+# Ruby front-end to the Armitage Java user interface
+#
+# $Revision$
+#
+
+msfbase = __FILE__
+while File.symlink?(msfbase)
+	msfbase = File.expand_path(File.readlink(msfbase), File.dirname(msfbase))
+end
+
+if RUBY_PLATFORM =~ /mswin|mingw/i
+	exec "javaw", "-jar", "#{File.dirname(msfbase)}/data/armitage/armitage.jar", *ARGV
+else
+	exec "java", "-jar", "#{File.dirname(msfbase)}/data/armitage/armitage.jar", *ARGV
+end
@@ -1,3 +0,0 @@
-Contains various files that help configure Metasploit. Most files here you'll never have to deal with, though
-`database.yml.example` might be useful for those looking to configure their database, and `openssl.conf`
-might be helpful for those trying to troubleshoot OpenSSL issues in Metasploit.
@@ -1,73 +0,0 @@
-require 'fiddle'
-Fiddle.const_set(:VERSION, '0.0.0') unless Fiddle.const_defined?(:VERSION)
-
-require 'rails'
-require File.expand_path('../boot', __FILE__)
-
-require 'action_view'
-# Monkey patch https://github.com/rails/rails/blob/v7.2.2.1/actionview/lib/action_view/helpers/tag_helper.rb#L51
-# Might be fixed by 8.x https://github.com/rails/rails/blob/v8.0.2/actionview/lib/action_view/helpers/tag_helper.rb#L51C1-L52C1
-raise unless ActionView::VERSION::STRING == '7.2.2.2' # A developer will need to ensure this is still required when bumping rails
-module ActionView::Helpers::TagHelper
-  class TagBuilder
-    def self.define_element(name, code_generator:, method_name: name.to_s.underscore)
-      code_generator.define_cached_method(method_name, namespace: :tag_builder) do |batch|
-        # Fixing a bug introduced by Metasploit's global Kernel patch: https://github.com/rapid7/metasploit-framework/blob/ae1db09f32cd04c007dbf445cf16dc22c9fc2e53/lib/rex.rb#L74-L79
-        # which fails when using the below 'instance_methods.include?(method_name.to_sym)' check
-        batch.push(<<~RUBY) # unless instance_methods.include?(method_name.to_sym)
-              def #{method_name}(content = nil, escape: true, **options, &block)
-                tag_string("#{name}", content, options, escape: escape, &block)
-              end
-            RUBY
-      end
-    end
-  end
-end
-
-all_environments = [
-    :development,
-    :production,
-    :test
-]
-
-Bundler.require(
-    *Rails.groups(
-        coverage: [:test],
-        db: all_environments,
-        pcap: all_environments
-    )
-)
-
-#
-# Railties
-#
-
-# For compatibility with jquery-rails (and other engines that need action_view) in pro
-require 'action_controller/railtie'
-require 'action_view/railtie'
-
-#
-# Project
-#
-
-require 'metasploit/framework/common_engine'
-require 'metasploit/framework/database'
-module Metasploit
-  module Framework
-    class Application < Rails::Application
-      include Metasploit::Framework::CommonEngine
-
-      config.paths['log']             = "#{Msf::Config.log_directory}/#{Rails.env}.log"
-      config.paths['config/database'] = [Metasploit::Framework::Database.configurations_pathname.try(:to_path)]
-      config.autoloader = :zeitwerk
-
-      config.load_defaults 7.2
-
-      config.eager_load = false
-    end
-  end
-end
-
-# Silence warnings about this defaulting to true
-I18n.enforce_available_locales = true
-require 'msfenv'
@@ -1,101 +0,0 @@
-require 'pathname'
-require 'rubygems'
-
-GEMFILE_EXTENSIONS = [
-    '.local',
-    ''
-]
-
-msfenv_real_pathname = Pathname.new(__FILE__).realpath
-root = msfenv_real_pathname.parent.parent
-
-unless ENV['BUNDLE_GEMFILE']
-  require 'pathname'
-
-  GEMFILE_EXTENSIONS.each do |extension|
-    extension_pathname = root.join("Gemfile#{extension}")
-
-    if extension_pathname.readable?
-      ENV['BUNDLE_GEMFILE'] = extension_pathname.to_path
-      break
-    end
-  end
-end
-
-begin
-  require 'bundler/setup'
-rescue LoadError => e
-  $stderr.puts "[*] Bundler failed to load and returned this error:"
-  $stderr.puts
-  $stderr.puts "   '#{e}'"
-  $stderr.puts
-  $stderr.puts "[*] You may need to uninstall or upgrade bundler"
-  exit(1)
-end
-
-lib_path = root.join('lib').to_path
-
-unless $LOAD_PATH.include? lib_path
-  $LOAD_PATH.unshift lib_path
-end
-
-require 'digest'
-require 'metasploit/framework/version'
-require 'msf/base/config'
-
-# Invalidate and delete the bootsnap cache if required. For instance if the metasploit-framework version has changed.
-#
-# @param [Hash] bootsnap_config See https://github.com/Shopify/bootsnap/blob/95e8d170aea99a831fd484ce09ad2f195644e740/lib/bootsnap.rb#L38
-# @return [void]
-def invalidate_bootsnap_cache!(bootsnap_config)
-  expected_cache_metadata = {
-    'metasploit_framework_version' => Metasploit::Framework::Version::VERSION,
-    'ruby_description' => RUBY_DESCRIPTION,
-    'bundler_lockfile_hash' => Digest::MD5.hexdigest(Bundler.read_file(Bundler.default_lockfile)),
-    'bootsnap_config' => {
-      'load_path_cache' => bootsnap_config[:load_path_cache],
-      'compile_cache_iseq' => bootsnap_config[:compile_cache_iseq],
-      'compile_cache_yaml' => bootsnap_config[:compile_cache_yaml],
-    }
-  }
-
-  cache_metadata_path = File.join(bootsnap_config[:cache_dir], "metadata.yaml")
-  if File.exist?(cache_metadata_path)
-    cache_metadata = YAML.safe_load(File.binread(cache_metadata_path))
-    if cache_metadata != expected_cache_metadata
-      FileUtils.rm_rf(bootsnap_config[:cache_dir], secure: true)
-    end
-  end
-
-  FileUtils.mkdir_p(bootsnap_config[:cache_dir])
-  File.binwrite(cache_metadata_path, expected_cache_metadata.to_yaml)
-
-  nil
-end
-
-# Attempt to use bootsnap caching for improved startup time
-begin
-  require 'bootsnap'
-  env = ENV['RAILS_ENV'] || ENV['RACK_ENV'] || ENV['ENV']
-  development_mode = ['', nil, 'development'].include?(env)
-
-  cache_dir = ::File.join(Msf::Config.config_directory, "bootsnap_cache")
-  bootsnap_config = {
-    cache_dir: cache_dir,
-    ignore_directories: [],
-    development_mode: development_mode,
-    load_path_cache: true, # Optimize the LOAD_PATH with a cache
-    compile_cache_iseq: false, # Don't compile Ruby code into ISeq cache, breaks coverage reporting.
-    compile_cache_yaml: false, # Don't compile YAML into a cache
-    readonly: false, # Update caches - https://github.com/Shopify/bootsnap/commit/b51397f96c33aa421fd5c29484fb9574df9eb451
-  }
-  invalidate_bootsnap_cache!(bootsnap_config)
-  Bootsnap.setup(**bootsnap_config)
-rescue => e
-  $stderr.puts "Warning: Failed bootsnap cache setup - #{e.class} #{e} #{e.backtrace}"
-  begin
-    FileUtils.rm_rf(cache_dir, secure: true)
-  rescue
-    $stderr.puts 'Warning: Failed deleting bootsnap cache'
-  end
-end
@@ -1,11 +0,0 @@
-<%
-rerun = File.file?('rerun.txt') ? IO.read('rerun.txt') : ""
-rerun_opts = rerun.to_s.strip.empty? ? "--format #{ENV['CUCUMBER_FORMAT'] || 'progress'} features" : "--format #{ENV['CUCUMBER_FORMAT'] || 'pretty'} #{rerun}"
-std_opts = "--format #{ENV['CUCUMBER_FORMAT'] || 'pretty'} --strict --tags ~@wip"
-ignored_tags = "--tags ~@boot --tags ~@targets"
-%>
-default: <%= std_opts %> <%= ignored_tags %> features
-boot: <%= std_opts %> --tags @boot features
-exploit: <%= std_opts %> --tags @targets features
-wip: --tags @wip:3 --wip features
-rerun: <%= rerun_opts %> --format rerun --out rerun.txt --strict --tags ~@wip
@@ -1,32 +0,0 @@
-# To set up a metasploit database, follow the directions hosted at:
-# http://r-7.co/MSF-DEV#set-up-postgresql
-#
-# Kali Linux and the Omnibus installers both include an easy wrapper script for
-# managing your database, which may be more convenient than rolling your own.
-
-development: &pgsql
-  adapter: postgresql
-  database: metasploit_framework_development
-  username: metasploit_framework_development
-  password: __________________________________
-  host: localhost
-  port: 5432
-  pool: 200
-  timeout: 5
-
-# You will often want to seperate your databases between dev
-# mode and prod mode. Absent a production db, though, defaulting
-# to dev is pretty sensible for many developer-users.
-production: &production
-  <<: *pgsql
-
-# Warning: The database defined as "test" will be erased and
-# re-generated from your development database when you run "rake".
-# Do not set this db to the same as development or production.
-#
-# Note also, sqlite3 is totally unsupported by Metasploit now.
-test:
-  <<: *pgsql
-  database: metasploit_framework_test
-  username: metasploit_framework_test
-  password: ___________________________
@@ -1,25 +0,0 @@
-# @note This file is only for use in GitHub Actions.  If you need to make a
-# config/database.yml for running rake, rake spec, or rspec locally, please
-# customize `conifg/database.yml.example`
-#
-# @example Customizing config/database.yml.example
-#   cp config/database.yml.example config/database.yml
-#   # update password fields for each environment's user
-
-development: &pgsql
-  adapter: postgresql
-  database: metasploit_framework_development
-  host: localhost
-  username: postgres
-  password: postgres
-  pool: 25
-  timeout: 5
-
-# Warning: The database defined as "test" will be erased and
-# re-generated from your development database when you run "rake".
-# Do not set this db to the same as development or production.
-#
-# Note also, sqlite3 is totally unsupported by Metasploit now.
-test:
-  <<: *pgsql
-  database: metasploit_framework_test
@@ -1,18 +0,0 @@
-development: &pgsql
-  adapter: postgresql
-  database: msf_dev_db
-  username: vagrant
-  password: vagrant
-  host: localhost
-  port: 5432
-  pool: 200
-  timeout: 5
-
-production: &production
-  <<: *pgsql
-
-test:
-  <<: *pgsql
-  database: msf_test_db
-  username: vagrant
-  wassword: vagrant
@@ -1,4 +0,0 @@
-# Load the rails application
-require File.expand_path('../application', __FILE__)
-# Initialize the rails application
-Metasploit::Framework::Application.initialize!
@@ -1,5 +0,0 @@
-if defined? Metasploit::Framework::Application
-  Metasploit::Framework::Application.configure do
-    config.log_level = :info
-  end
-end
@@ -1,33 +0,0 @@
-# Metasploit RPC API connection (MessagePack)
-msf_api:
-  type: messagepack
-  host: localhost
-  port: 55553
-  ssl: true
-  endpoint: /api/
-  user: msfuser
-  password: CHANGEME
-  auto_start_rpc: true  # Automatically start the RPC server if not running (default: true)
-
-# MCP server configuration
-mcp:
-  transport: stdio  # stdio (default) or http
-  # MCP server network configuration (for HTTP transport only)
-  host: localhost  # Host to bind to (default: localhost)
-  port: 3000       # Port to listen on (default: 3000)
-
-# Rate limiting (optional - defaults shown)
-rate_limit:
-  enabled: true
-  requests_per_minute: 60
-  # If the `burst_size` is greater than `requests_per_minute`, a user will be allowed to exceed the rate limit temporarily.
-  # For example, with `requests_per_minute=5` and `burst_size=10`, a user could make 10 requests in a short period,
-  # but then would be limited to 5 requests per minute thereafter.
-  burst_size: 10
-
-# Logging (optional - defaults shown)
-logging:
-  enabled: false
-  level: INFO  # DEBUG, INFO, WARN, ERROR
-  log_file: ~/.msf4/logs/msfmcp.log
-  sanitize: true
@@ -1,32 +0,0 @@
-# Metasploit RPC API connection (JSON-RPC)
-msf_api:
-  type: json-rpc
-  host: localhost
-  port: 8081
-  ssl: true
-  endpoint: /api/v1/json-rpc
-  token: YOUR_BEARER_TOKEN_HERE
-  # auto_start_rpc is not supported for JSON-RPC (only MessagePack)
-
-# MCP server configuration
-mcp:
-  transport: stdio  # stdio (default) or http
-  # MCP server network configuration (for HTTP transport only)
-  host: localhost  # Host to bind to (default: localhost)
-  port: 3000       # Port to listen on (default: 3000)
-
-# Rate limiting (optional - defaults shown)
-rate_limit:
-  enabled: true
-  requests_per_minute: 60
-  # If the `burst_size` is greater than `requests_per_minute`, a user will be allowed to exceed the rate limit temporarily.
-  # For example, with `requests_per_minute=5` and `burst_size=10`, a user could make 10 requests in a short period,
-  # but then would be limited to 5 requests per minute thereafter.
-  burst_size: 10
-
-# Logging (optional - defaults shown)
-logging:
-  enabled: false
-  level: INFO  # DEBUG, INFO, WARN, ERROR
-  log_file: ~/.msf4/logs/msfmcp.log
-  sanitize: true
@@ -1,23 +0,0 @@
-openssl_conf = openssl_init
-
-[openssl_init]
-providers = provider_sect
-ssl_conf = ssl_sect
-
-[provider_sect]
-default = default_sect
-legacy = legacy_sect
-
-[default_sect]
-activate = 1
-
-[legacy_sect]
-activate = 1
-
-[ssl_sect]
-system_default = system_default_sect
-
-[system_default_sect]
-MinProtocol = SSLv3
-CipherString = ALL:@SECLEVEL=0
-Options = UnsafeLegacyRenegotiation
@@ -1,17 +0,0 @@
---
-info:
-  title: Metasploit Framework
-  description: Metasploit Framework
-  x-cortex-git:
-    github:
-      alias: r7org
-      repository: rapid7/metasploit-framework
-  x-cortex-tag: metasploit-framework
-  x-cortex-type: service
-  x-cortex-domain-parents:
-  - tag: metasploit
-  x-cortex-groups:
-  - exposure:external-ship
-openapi: 3.0.1
-servers:
- url: "/"
@@ -1,7 +0,0 @@
-This folder contains various data files used for a variety of purposes, including but not limited to banners for the
-console, exploit source code for exploits (under `data/exploits`), template code and binaries, wordlists and shellcode.
-
-As a general rule of thumb this folder will most often be used when you are using compiled binaries or source code from
-other exploits for cases such as local privilege escalation exploits and need to provide the exploit code and compiled
-binaries so that maintainers can verify the binary and compile it themselves, as so that modules can find the R7 compiled
-version of the resulting binary for use during exploitation.
@@ -0,0 +1 @@
+java -jar armitage.jar $*
@@ -0,0 +1,90 @@
+=============================================================================
+Armitage - Cyber Attack Management for Metasploit
+=============================================================================
+   
+                 *** http://www.fastandeasyhacking.com ***
+
+1. What is Armitage?
+   -----------------
+
+Armitage is a graphical cyber attack management tool for Metasploit that 
+visualizes your targets, recommends exploits, and exposes the advanced 
+capabilities of the framework.
+
+Advanced users will find Armitage valuable for managing remote Metasploit 
+instances and collaboration. Armitage's red team collaboration features allow 
+your team to use the same sessions, share data, and communicate through one 
+Metasploit instance.
+
+Armitage aims to make Metasploit usable for security practitioners who 
+understand hacking but don't use Metasploit every day. If you want to learn 
+Metasploit and grow into the advanced features, Armitage can help you.
+
+2. Documentation
+   -------------
+
+The documentation for Armitage is located on the Armitage website at:
+http://www.fastandeasyhacking.com. Read the FAQ and the Manual for 
+information on connecting Armitage to Metasploit and using it.
+
+3. Install and Update
+   ----------
+
+To get started, see the manual at http://www.fastandeasyhacking.com
+
+4. Source Code
+   -----------
+
+This projected is hosted on Google Code at:
+http://code.google.com/p/armitage/
+
+5. Disclaimer
+   ----------
+
+Use this code for your development and don't hack systems that you don't 
+have permission to hack. The existence of this software does not reflect the 
+opinions or beliefs of my current employers, past employers, future 
+employers, or any small animals I come into contact with. Enjoy this 
+software with my blessing. I hope it helps you learn and become a better 
+security professional.
+
+6. Contact
+   -------
+
+Report bugs in the issue tracker at:
+http://code.google.com/p/armitage/issues/list
+
+E-mail contact@fastandeasyhacking.com with other questions/concerns. Make
+sure you peruse the FAQ and Manual first. 
+
+7. License
+   -------
+
+(c) 2010-2013 Raphael Mudge. This project is licensed under the BSD license. 
+See section 8 for more information.
+
+lib/jgraphx.jar is used here within the terms of the BSD license offered by
+JGraphX Ltd. http://www.jgraphx.com/
+-
+lib/msgpack-0.5.1-devel.jar and lib/postgresql-9.1-901.jdbc4.jar are both 
+BSD licensed libraries.
+-
+Some code in src/msf/* comes from msfgui by scriptjunkie. 
+-
+This project uses the LGPL Sleep scripting language with no modifications. 
+Sleep's source is available at: http://sleep.dashnine.org/
+
+8. The BSD License
+   ---------------
+
+Redistribution and use in source and binary forms are permitted provided 
+that the above copyright notice and this paragraph are duplicated in all 
+such forms and that any documentation, advertising materials, and other 
+materials related to such distribution and use acknowledge that the 
+software was developed by the copyright holders.  The name of the copyright
+holders  may not be used to endorse or promote products derived from this 
+software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED ''AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 
+WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 
+MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
@@ -0,0 +1,72 @@
+#!/bin/bash
+# start msfrpcd and the deconfliction server. Check for common mistakes
+# to save some time and head scratching...
+
+# check the arguments
+EXPECTED=2
+if [ $# -ne $EXPECTED ]; then
+	echo "[-] You must provide: <external IP address> <team password>"
+	echo "    <external IP address> must be reachable by Armitage"
+	echo "          clients on port 55553"
+	echo "    <team password> is a shared password your team uses to"
+	echo "          authenticate to the Armitage team server"
+	exit
+fi
+
+# check that we're r00t
+if [ $UID -ne 0 ]; then
+	echo "[-] Superuser privileges are required to run the team server"
+	exit 
+fi
+
+# check if java is available...
+if [ $(command -v java) ]; then
+	true
+else
+	echo "[-] java is not in \$PATH"
+	echo "    is Java installed?"
+	exit
+fi
+
+# check if keytool is available...
+if [ $(command -v keytool) ]; then
+	true
+else
+	echo "[-] keytool is not in \$PATH"
+	echo "    install the Java Developer Kit"
+	exit
+fi
+
+# check if msfrpcd is available
+if [ $(command -v msfrpcd) ]; then
+	true
+else
+	echo "[-] msfrpcd is not in \$PATH"
+	echo "    is Metasploit installed?"
+	exit
+fi
+
+# check if msfrpcd is running or not
+if [ "$(pidof msfrpcd)" ]; then
+	echo "[-] msfrpcd is already running. Kill it before running this script"
+	echo "    try: killall -9 msfrpcd"
+	exit
+fi
+
+# generate a certificate
+	# naturally you're welcome to replace this step with your own permanent certificate.
+	# just make sure you pass -Djavax.net.ssl.keyStore="/path/to/whatever" and
+	# -Djavax.net.ssl.keyStorePassword="password" to java. This is used for setting up
+	# an SSL server socket. Also, the SHA-1 digest of the first certificate in the store
+	# is printed so users may have a chance to verify they're not being owned.
+echo "[+] Generating X509 certificate and keystore (for SSL)"
+rm -f ./armitage.store
+keytool -keystore ./armitage.store -storepass 123456 -keypass 123456 -genkey -keyalg RSA -alias armitage -dname "CN=Armitage Hacker, OU=FastAndEasyHacking, O=Armitage, L=Somewhere, S=Cyberspace, C=Earth"
+
+# start everything up
+echo "[+] Starting RPC daemon"
+msfrpcd -U msf -P $2 -a 127.0.0.1 -p 55554 -S
+echo "[+] sleeping for 20s (to let msfrpcd initialize)"
+sleep 20
+echo "[+] Starting Armitage team server"
+java -Djavax.net.ssl.keyStore=./armitage.store -Djavax.net.ssl.keyStorePassword=123456 -server -XX:+UseParallelGC -jar armitage.jar --server $1 55554 msf $2 55553
@@ -0,0 +1,1346 @@
+Armitage Changelog
+==================
+
+4 Jan 13 (tested against msf 16252)
+--------
+- Added a helper to set REXE option
+- Added an icon to represent Windows 8
+- [host] -> Login menu is now built using open services for all 
+  highlighted hosts, not just the first one.
+- [host] -> Login items now escape punctuation characters in passwords
+  before passing them to a framework module.
+- Added the windows and linux postgres_payload exploits to the use a
+  reverse payload by default list.
+- Small tweak to allow Armitage to work with Metasploit 4.5 installed
+  environment on Windows.
+
+Cortana Updates (for scripters)
+--------
+- &credential_add and &credential_delete no longer break when a 
+  password has creative punctuation in it.
+
+26 Nov 12 (tested against msf 16114)
+---------
+- Windows command shell tab is now friendlier to commands that prompt
+  for input (e.g., time command)
+- [host] -> Meterpreter -> Access -> Escalate Privileges now shows all
+  the framework's new exploit/windows/local modules too
+- [host] -> Shell -> Post Modules now shows the framework's unix/local 
+  and exploit/linux/local modules
+- Added Ctrl+I shortcut. Lets you choose a session to interact with.
+- Added Steal Token button to Processes dialog.
+- Armitage now asks Metasploit for a non-expiring authentication token.
+  This will prevent Armitage from losing its access to msfrpcd when you
+  put your computer to sleep or pause the VM running Metasploit.
+- add_user and add_[local]group_user now show all of their output when
+  the -h flag is used to operate on a remote host.
+- added a Delete menu to creds table. Right-click a cred to delete it
+
+Cortana Updates (for scripters)
+--------
+- aliased &data_delete to &data_clear to match the documentation.
+- &file_get, &loot_get, and &file_content no longer delete the remote 
+  file when connected to a teamserver.
+
+16 Oct 12 (tested against msf 15972)
+---------
+- Added port 5985 to MSF Scans list.
+- Meterpreter -> Access -> Persistence sets ACTION option for you
+- Changed how LHOST and LPORT are set globally to prevent Ruby 
+  character encoding conversion error in the framework.
+- Pass Session, Log Keystrokes, and Persist now query module info
+  in a separate thread (avoids a deadlock opportunity)
+- Armitage now shows folder/URL in a popup dialog for environments
+  where JDesktop API to open them directly is not supported
+- Check all credentials option now filters the list to avoid trying
+  a pair of credentials twice.
+- Armitage's exploit payload selection now selects cmd/unix/interact
+  when appropriate.
+- Explore -> Processes now works with Java Meterpreter again.
+- MSF Scans feature now runs http_version against port 443
+
+5 Sept 12 (tested against msf r15804)
+---------
+- Setup dialog now trims host, port, user, and pass fields.
+- Armitage now complains when it can't write to your preferences
+  file (versus just hanging without a real error message)
+- View -> Jobs now queries jobs in a thread outside of UI thread
+- Tab completion now uses a separate thread to call into the RPC
+  server. This prevents a deadlock if server is not responding.
+- Login -> psexec now shows when 445 is open on a Windows machine.
+  The old criteria was too restrictive.
+- Added a helper to set Wordlist option
+- Armitage now sets a random LPORT for non-exploit modules with an
+  LPORT option (e.g., post modules that do priv escalation)
+- Armitage now shows an error if it can't open a Win command shell
+- Steal Token dialog now uses incognito module to get token data 
+  instead of the MSF post module. This is more reliable.
+- You may now setup the reverse payload for current_user_psexec
+
+Cortana Updates (for scripters)
+--------
+- added an eventlog popup hook
+
+16 Aug 12 (tested against msf r15753)
+----------
+- Dynamic workspaces now removes closed services from its set of
+  hosts matching certain open ports.
+- Cortana console now reports a clear error message a built-in
+  command is executed without the right number of arguments.
+- Added host icons for Android and iOS. You may now set these
+  operating systems by going to [host] -> Host -> Operating System
+- Armitage now shows the client-side exploit dialog for any exploit
+  that does not target an RHOST (for example, windows/smb/smb_relay)
+- Added support for remote exploits that use RHOSTS over RHOST
+  (this includes the new windows/local/current_user_psexec)
+- Added a helper for setting the SESSION option
+
+Cortana Updates (for scripters)
+--------
+- s_cmd no longer times out after 60s. It will wait forever for
+  a command to complete now.
+- added shell_read event which fires when a shell s_cmd comes
+  back with intermediate output.
+- fixed a potential deadlock with &open_console_tab
+- scripts now have the ability to redefine the max size of a 
+  workspace: db_workspace(%(size => #####));
+
+2 Aug 12 (tested again msf r15698)
+--------
+- Armitage now reports vulnerability module and descriptions 
+  properly (again) when exporting data. Had to update to match a
+  change to the db schema.
+- Pass-the-Hash and Login dialogs now stay open if you press 
+  shift while clicking Launch. This convention is pretty universal
+  to Armitage.
+- Team server now buffers all of its outgoing data. I've also 
+  disabled SO_NODELAY. This will greatly improve team server latency
+  on congested networks without impacting responsiveness otherwise.
+- Added Cortana, a DARPA funded scripting technology, into Armitage.
+  There's a lot of fun to be had here.
+- Armitage now queues messages to destroy a console rather than
+  spinning up a new thread for each closed console.
+- Rendering of icons for hosts now happens outside of UI thread.
+- Increased timeout for meterpreter read command
+- Armitage now detects a corrupt module cache and attempts to clear
+  it so it can be rebuilt. 
+
+5 Jul 12
+--------
+- Login -> psexec now sets a different LPORT for each host it's
+  launched against when using a reverse payload. Fixes a bug where
+  using a reverse connect payload against X hosts didn't work.
+- Progressbar Cancel button now works with the Sync Files button
+  in View -> Downloads and View -> Loot
+- Fixed a potential deadlock with the Sync Files feature
+- Clicking the Size column in View -> Downloads now sorts properly
+
+24 Jun 12
+---------
+- Meterpreter -> Kill now uses session.stop RPC call
+- Simplified code to stop a running job
+- Added an option to disable TCP_NODELAY from the comamnd line:
+
+	java -Darmitage.enable_nagle=true -jar armitage.jar
+
+  Use this if you see "bad mac" SSL errors when connected to a
+  team server.
+- Log Keystrokes tab now changes color when there is activity
+- Randomized filename for USERPASS_FILE to allow multiple brute
+  forces to happen at once.
+- Added a View item in the File Browser's popup menu. This will
+  let you quickly read several highlighted text files (it also
+  saves the files to the right place locally too)
+
+7 Jun 12 - Adding on to those quick bug fixes / tweaks
+--------
+- Disabled Nagles algorithm for team server and client SSL sockets.
+  This makes team server much more responsive... trust me.
+- Fixed bug preventing Armitage from showing "Started Service" 
+  message when starting the SOCKS Proxy server.
+- Fixed a find feature highlight bug in the View tab.
+
+30 May 12 - A few quick bug fixes / tweaks...
+---------
+- Fixed an exception when killing a session or removing a route 
+  through the UI. 
+- Oooh, ps command added a new column to its output. Updated ps  
+  parser to handle this.
+- Hosts -> Import Hosts now works under Windows again. Had to 
+  escape the filename. *sigh*
+- Hail Mary now sets LHOST option. This is necessary for some 
+  attacks to work properly.
+- Tweaked console create code in beginning of Armitage setup to 
+  hopefully avoid aggravating the evil console.create deadlock
+  condition.
+
+21 May 12
+---------
+- Added a hack to prevent the input area from flickering when the 
+  prompt changes.
+- Updated the color palette to something a little more subtle.
+- Added an optimization to how modules are launched. This will make
+  a difference for team use in high latency situations.
+- Rewrote MSF Scans feature to use console queue. This option is more
+  reliable and it makes the code easier to follow.
+- Added a hack to combine chat message writes with a read request.
+  This will make the event log more responsive in a high latency 
+  situation (can't you tell I care about this "situation")
+- Fixed text highlights through Ctrl+F on Windows. UNIX platforms 
+  were always OK. Another good reason to not use these tools on 
+  Windows. Ever.
+- View -> Downloads Sync Files feature now works on Windows. It looks
+  like leaving those pesky :'s in the file paths is bad.
+
+17 May 12
+---------
+- Fixed bug with loot/download viewer breaking with a font resize.
+- Default console font color is now grey. I never noticed that I had
+  white text on a black background before. That's a lot of contrast.
+  This is adjustable too through Armitage -> Preferences.
+- And... the Armitage console now displays pretty colors. If you don't
+  like colors, set the console.show_colors.boolean preference to false
+  through Armitage -> Preferences.
+- Fixed a bug preventing input field from getting focus when popping a
+  console tab using Ctrl+W.
+
+14 May 12
+---------
+- Oopserific--dynamic workspace shortcuts were not bound until you
+  clicked the Workspaces menu. I fixed that.
+- Improved console pool's ability to detect a dead console. If you saw
+  "null" prompts in an open tab, it's because of a dead console. Fixed
+- Bound Ctrl+Backspace to reset dynamic workspaces. Ctrl+0 is now back
+  to what it originally did (resetting the font size to default).
+- Added Ctrl+T to take a screenshot of the active tab
+- Added Ctrl+W to pop the active tab into its own window
+- Armitage team server is now SSL enabled. The teamserver script (you
+  are using it, right?) generates a certificate for you using keytool.
+  The server presents the SHA1 hash of its certificate. Armitage users
+  have the opportunity to verify and trust the hash of the certificate
+  presented to them or to reject it and not connect.
+- Added Ctrl+Left / Ctrl+Right to quickly navigate through tabs.
+- Added a check to prevent clients from connecting to msfrpcd directly
+  when teaming is enabled.
+- Fixed a bug that prevented command shells from opening on some sessions
+- Team server client now caches certain calls to RPC server.
+- Reworked the Loot/Downloads View button. Now, all highlighted files are
+  displayed in one View tab. This makes searching easier. Each file is
+  displayed with a colored header (to make it easier to tell when one file
+  ends and the other begins). 
+- Added Sync Files button to Loot/Downloads tabs when connected to a team
+  server. This button will download all files associated with the highlighted
+  rows and save them in the Armitage data directory.
+
+7 May 12
+--------
+Note: Armitage team server setup has changed. Refer to the manual for
+the latest information: http://www.fastandeasyhacking.com/manual#7
+
+- Armitage team mode now routes all Metasploit-bound calls through the
+  deconfliction server. Armitage also pools "temporary" Metasploit
+  consoles. It's too bad this is logged as one change, because it's 
+  more like twenty. These changes were motivated by a desire to avoid 
+  triggering a race condition that was introduced w/ Metasploit 4.3.0.
+         http://dev.metasploit.com/redmine/issues/6829
+
+  On the bright side these changes will allow a lot more flexibility 
+  to optimize how Armitage interacts with msfrpcd and to do some neat 
+  things (like logging) in a centralized way.
+- Module description (in module launch dialog) is now resizable.
+- Added Ctrl+D keyboard shortcut to close active tab.
+- Armitage now uses (more robust) console queue for launching post
+  modules, handlers, brute force attacks, and other things.
+- Fixed a race condition in the Jobs tab refresh after killing a job
+- Armitage now filters smb hashes from non-psexec/smb login dialogs.
+- Added armitage.log_data_here.folder setting. This setting lets you
+  specify where Armitage will save its logs, downloaded files, and
+  screenshots. *cough* Some penetration testers like to dump everything
+  to an encrypted volume. *cough*. I apologize it took this long to
+  get this feature in place.
+- Improved perceived responsiveness of a console interaction
+
+17 Apr 12
+---------
+- Modified how Armitage determines a console command is complete to stay 
+  compat with behavior changes in a recent Metasploit update.
+- Armitage now queues console commands to prevent out of order execution.
+
+16 Apr 12
+---------
+- The search field in the module browser now updates results in real time.
+  Start typing and Armitage will start filtering the module tree for you. 
+  Clear the field to reset it to the default state.
+- Added keyboard shortcuts to switch dynamic workspaces...
+	Ctrl+1 = first workspace
+	Ctrl+2 = second workspace
+	....
+	Ctrl+0 = show all 
+- Added keyboard shortcuts:
+	Ctrl+N = new console
+	Ctrl+O = open preferences
+- Armitage's Meterpreter -> Access -> Dump Hashes -> lsass method is now 
+  much better about grabbing all of the hashdump output and adding it to 
+  the creds table. The hashdump command returns output as an arbitrary
+  number of chunks. I now use a different read strategy for determining when
+  the output is complete.
+- You may now use Ctrl+Alt to deselect highlighted items in a range in the
+  Jobs and Workspaces table views (most other table views that do multi
+  selection should allow this already).
+- Added Shell -> Pass Session for *NIX shell sessions. Uses the system_session
+  module to pass a shell session elsewhere (or duplicate the current shell)
+
+29 Mar 12
+---------
+- Fixed a bug that affects first-time users. Armitage was not initializing a
+  console before trying to connect to the database. 
+
+28 Mar 12
+---------
+- Team server now delivers chat messages in batches vs. one line at a time. 
+  This will make syncing on reconnect much better (in theory)
+- Several optimizations to prevent unnecessary reads/calls to deconfliction
+  server when in team mode. This will primarily affect high latency situations.
+- Use Shift+Click to close all tabs with the same name. This feature now closes
+  all tabs in the same group (e.g., all screenshots, file browsers, command 
+  shells, etc.)
+- Armitage now logs launches of the enum_dns module.
+- Hosts -> DNS Enumerate now populates NS field with highlighted host.
+- Armitage now adds a tooltip to tabs associated with a session. Hover your 
+  mouse over a tab X button to see which host the tab is associated with.
+- Fixed a potential exception caused when listing downloads.
+- Created a queue to process certain commands meant for Metasploit in order and
+  in a throttled manner. Started moving some Armitage calls to it. Now you can
+  fire an exploit at 1,000 hosts and Armitage won't blink. It might take awhile
+  before that exploit finishes firing against all of the hosts though :)
+- The file browser now has a "List Drives" button. It's only available on 
+  Windows sessions. Click it to see which drives are available.
+- File browser can now navigate to folders with apostrophes in their name.
+- Made some major internal changes to how Armitage interacts with Metasploit. The
+  goal is to make a more robust and faster hacking experience for you.
+
+22 Mar 12
+---------
+- Updated Armitage NMap profiles with the following:
+	-T4 (instead of -T5) [wait longer for open services to reply]
+	-n  [forces NMap to not resolve the hostname of IP addresses]
+	--min-hostgroup 96 [allows more parallelism when scanning hosts]
+- Armitage now intercepts screenshot and webcam_snap commands from meterpreter 
+  shell and performs the appropriate action with them.
+- View -> Creds -> Export button now works in team mode.
+- Doh! Armitage now properly shows VMWare icon when OS is set to a VMWare ESXi
+- Armitage "is command finished?" heuristic now accounts for commands like
+  del /S which prompt with a (Y/N)? - you can safely use these commands again.
+- Armitage now detects whether a client connecting to the team server is out 
+  dated or not. It rejects old clients. They will get a message indicating they
+  need to update and then their client won't do anything else. You'll see a
+  message printed to STDOUT where the team server ran about the rejection.
+- Added a * indicator to the active workspace in the workspaces menu.
+- Added Hosts -> DNS Enumerate, this menu launches a Metasploit module that will
+  attempt to discover hosts by querying a name server in different ways.
+- Added a file chooser helper to WORDLIST option.
+- Armitage now displays a pivot relationship between a compromised host and the
+  NAT/proxy device it is connected through.
+- Added a Copy button to services tab. This button copies the highlighted hosts
+  to the clipboard. I found myself needing this several times recently.
+- Improved reverse payload selection logic (now it includes rev php meterpreter)
+- Armitage now sets a different LPORT for each exploit launched with a rev payload
+
+10:30am
+- Changed algorithm for determining which edges to highlight in graph view. If there
+  is a pivot and both sides have a session, then the edge is highlighted.
+
+8 Mar 12 1.43-dev
+--------
+- Armitage now uses session_host to determine which host a session is associated
+  with. This value is grabbed directly from the OS itself. You'll no longer have
+  20 meterpreter sessions associated with a NAT/firewall device.
+- Armitage now spins up a new listener for each client-side attack (no longer
+  relying on the random default listener created on startup). Of course you can
+  change this... double-click the PAYLOAD option to set it to something else.
+- Token stealing dialog now disables refresh button while grabbing tokens. Enables
+  it again when done.
+- Armitage now talks to Metasploit every two minutes to prevent auth timeout.
+- Armitage now displays a firewall icon for hosts with no OS marked as a firewall
+  by MSF.
+- Armitage now selects an IPv6 bind payload when attacking IPv6 hosts.
+- Armitage now explicitly sets RPORT for different MSF Scan options and psexec.
+- Updated the about dialog to include a version number and release date.
+- Added a ./teamserver [external IP] [shared pass] script to the UNIX distro of 
+  Armitage. This script makes it much easier to startup Armitage's team server mode.
+
+2 Mar 12 - Catching up to a few MSF 4.3.0-dev changes...
+--------
+- Added a tab rename feature.
+- Hosts that self report as .NET server now display an XP/2003 era icon.
+- Updated route command parser to conform to Metasploit 4.3.0's output for it
+- "Check all credentials" feature now works when running the deconfliction 
+  server AND client from the same folder.
+- [host] -> Host -> Operating System -> * now clears notes related to host
+  before updating OS. This allows future scans to trigger MSF normalization
+  code and update the OS to something else (e.g., from Unknown to X)
+
+29 Feb 12
+---------
+- Armitage now displays a VMWare icon for hosts flagged as ESX/ESXi servers
+- Overhauled token stealing user experience--this is the cadillac version. You
+  now get a nice list of the available tokens (from the post module), click to
+  impersonate, refresh, rev2self, and getuid. 
+- Improved file browser responsiveness
+- Table view now allows individual hosts to be deselected in an interveral 
+  (Armitage will no longer reselect these hosts for you)
+- Dynamic workspaces no longer requires a comma and a space between entries (a
+  comma is good enough)
+- Improved the [Host] -> Remove menu option
+- Deconfliction server now returns the previous 100 events to new clients.
+- File browser directory up button is now more obvious
+- Keyboard accelerators when you right-click in the graph view are now correct.
+- Adjusted the graph view scrolling increments to something sane.
+- Added a slight delay between commands issued to a console to prevent them 
+  from executing out of order.
+
+21 Feb 12
+---------
+- Added Cut/Copy/Paste menu to table cell editor.
+- Module browser search field now treats spaces as a wildcard. You may type:
+  "win meterp" and Armitage will treat it as "win*meterp"
+- Hovering over an edge in graph view no longer reports a "null" tooltip
+- Fixed parsing of ps output for the process dialog (it's much much better now)
+
+14 Feb 12
+---------
+- Added ports 5631 (pc anywhere) and 902 (vmauthd) to the MSF Scans feature.
+- Several cosmetic tweaks to the spacing in Armitage tables.
+- Moved table render code from Sleep to Java to avoid potential lock conflicts
+- Added support for vba-exe payload output type.
+- Payload generation dialog now sets more appropriate default options for the
+  vba output type when it is selected.
+- Meterp command shell "read more stuff?" heuristic now accounts for Yes/No/All
+- Fixed ExitOnSession showing up twice when setting advanced options for a 
+  client-side exploit
+- You may now import multiple files through Hosts -> Import again.
+- Added 5s timeout to d-server connect attempt.
+- Added a --client [connect.properties] to specify which Metasploit server to 
+  connect to. The connect.properties file is a Java properties file that looks
+  like this (without the leading whitespace):
+
+  host=127.0.0.1
+  port=55553
+  user=msf
+  pass=test
+
+19 Jan 12
+---------
+- Data export now includes a sessions file. This lists all of the Metasploit
+  sessions you had in your database. There's some neat data here including
+  which exploit was used, which payload, start time, and close time. You can
+  calculate how much time you spent on your client's boxes. Cool stuff.
+- Fixed a potential dead-lock caused by mouse enter/exit events firing code
+  that required a lock. Nice landmine to defuse.
+- Fixed a weird condition with d-server detection. Sometimes (rarely)
+  Armitage wouldn't detect the d-server even when it's present.
+- Added check to d-server allowing one lock per/client. Client won't reobtain
+  a lock until it lets it go. This prevents you from opening two shell tabs
+  for a shell session in team mode.
+- Fixed an infinite loop condition when some Windows shell commands would
+  return output with no newlines (e.g., net stop [some service]). Thanks
+  Jesse for pointing me to this one.
+- Data export now includes a timeline file. This file documents all of the
+  major engagement events seen by Armitage. Included with each of these 
+  events is the source ip of the attack system and the user who carried out
+  the action (when teaming is setup).
+- Data export now exports timestamps with current timezone (not GMT)
+- Fixed a nasty bug that's been with Armitage since the beginning! I wasn't
+  freeing edges properly in the graph view. If you had pivots setup in graph
+  view and used Armitage long enough--eventually Armitage would slow down until 
+  the program became unusable. At least it's fixed now.
+- Adjusted the d-server state identity hash combination algorithm to better
+  avoid collissions.
+- Armitage now displays 'shell session' below a host if the host info is just
+  the Windows shell banner.
+
+5 Jan 12
+--------
+- Armitage d-server now transmits hosts, service, and session state only 
+  when something has changed. This makes teaming much snappier.
+- Uploading an imported hosts file now shows a progress dialog.
+- File browser upload function no longer blocks the user interface in team
+  mode. A progress dialog is shown for uploading larger files. 
+- Removed Ctrl+R refresh hosts shortcut from graph view (it's no longer 
+  necessary)
+- Armitage now exits if it was unable to connect to the collaboration server.
+- Hosts -> NMap Scans and Hosts -> MSF Scans dialogs are now populated with 
+  the selected values from the target area by default.
+- You may now interact with a Windows command shell through Java meterpreter.
+- Armitage no longer shows Webcam Shot option through Java meterpreter.
+- Armitage now detects when it does not have read permissions for the database
+  YAML file and prompts with something helpful. Before it would just freeze
+  with a blank dialog. Not helpful. :)
+- Armitage now only shows services that are open. 
+- View -> Reporting -> Export Data now has the capability of dumping the whole
+  database (not just the current workspace).
+- Added a dialog to View -> Reporting Export Data. Now you have the ability to
+  dump all hosts or choose to dump one of the dynamic workspaces. This gives
+  you a lot of flexibility with which hosts are included.
+- Cleaned up exported output of vulnerabilities in the Metasploit database:
+  -- duplicate entries are collapsed to one (this was the fault of my query)
+  -- refs column contains references separated by a comma and a space
+  -- added info and module columns. The module column indicates the appropriate
+     Metasploit module
+  -- Metasploit modules now populate name, info, and module in an appropriate
+     way.
+- Values exported to TSV are cleaned up such that newlines are replaced with a
+  literal \n and tabs are converted to three spaces.
+
+30 Dec 11 - last release of the year?
+---------
+- Hosts -> Clear Database now clears the sessions and clients tables 
+- Fixed a bug preventing dynamic workspace port/session filter from 
+  working on a fresh database. This was a fun one. This only affected 
+  folks with a completely fresh database and because Hosts -> Clear 
+  Database didn't clear everything, this went unnoticed until now.
+- Added various reverse shell payloads to payload helper dialog.
+- Added file chooser helper for SigningCert and SigningKey options.
+- Added hack to return correct route info when setting up pivoting through
+  Java meterpreter.
+- Armitage now posts a note to the event log when a user starts a browser 
+  exploit or a server module.
+- Armitage now supports dragging and dropping a module onto a host in graph
+  and table view. This action opens the module launcher configured to work
+  with that host.
+- Drastically rewrote MSF Scans. MSF Scans now intelligently builds a list
+  of ports to scan based on what Metasploit can do. After an initial port
+  scan, MSF Scans runs discovery modules against relevant hosts. As a bonus
+  you will see all of the output of these scans. 
+- Enhanced the Windows heuristic used to guess which OS image to display
+- The deconfliction server throttle is now less draconian about how long it
+  throttles a call.
+- Armitage no longer posts to the event log from the UI thread (this will
+  prevent the UI from blocking in some cases)
+- Command shell now handles interaction with d-server in a separate thread
+  from the UI thread. This will prevent UI blocking in some cases.
+- Added Ping Sweep... option for non-Windows meterpreter sessions. Now Java
+  meterpreter users have a quick host discovery option.
+- Change Host OS option now matches new Metasploit database schema.
+- Deconfliction server now sets LHOST to the IP address you provided. Also,
+  Armitage clients do not overwrite LHOST once it is set.
+- Interacting with a shell in team mode no longer blocks UI to communicate
+  with d-server.
+
+12 Dec 11
+---------
+- Armitage teaming mode now downloads the resulting file for any fileformat
+  exploit.
+- Armitage -> Set Exploit Rank and Set Target View now show a * next to an 
+  item to indicate the current setting.
+- Shift+click on Launch in a module launch dialog will not close the module
+  launch dialog. One use case for this: set up a payload multi/handler, 
+  shift+click Launch to do it, then change output type to exe, click Launch
+  and you're all set.
+- Dynamic Workspace editor now trims whitespace from your entries. Errant
+  whitespace causes Armitage to reject the entry and your workspace never
+  acivates.
+- Updated the "msfrpcd died" troubleshooting dialog. The new one takes folks
+  to a website with detailed information. 
+- Armitage now uses "load" to load a meterpreter module instead of "use"
+- Key logger event log announcement now notes the session ID. This is so 
+  your teammates will know not to migrate that session since it's recording
+  key strokes.
+- Right-click X in tab -> Save Screenshot now displays filename without the
+  path.
+- Deconfliction server now detects when database is not available and offers
+  troubleshooting steps. 
+- Loot/Downloads viewer now has a right-click menu to Copy selected text.
+
+22 Nov 11 - A big improvement...
+---------
+- Services refresh is now set to 30s (vs. 60s before)
+- Workspaces -> Manage now opens as a tab and shows all data about workspaces
+- Fixed a bug with Edit Workspace not auto-checking session box when set.
+- Meterpreter -> Access -> Escalate Privileges now highlights the priv esc
+  options in the post module true. This is viable now that getsystem is a   
+  module.
+- Payload module launcher now lets you set Template, Iterations, Encoder, and
+  KeepTemplateWorking for any Windows payload. Also, payload is generated and
+  saved locally without opening a tab. 
+- sessions -i ## trap is now smarter and opens a shell tab for shell sessions,
+  a meterpreter tab for meterpreter sessions, and offers an error when you
+  try to interact with a session that doesn't exist.
+- Armitage no longer shows a host until it receives a db.hosts reply.
+- Right-click a module and select Relevant Targets to create a dynamic 
+  workspace that shows only targets that meet the host/port criteria for that
+  module. Use Ctrl+A to select all of those hosts and rock'n'roll. :)
+- Hosts -> Import Hosts now works when the folder/file has spaces in it.
+- Dynamic workspaces are now local to the current Armitage client. They no
+  longer have a global effect in teaming mode.
+- Added an Activate button to workspace management dialog.
+- Fixed a bug with sessions only dyn workspace sometimes showing hosts that
+  do not have sessions.
+- You may now highlight multiple jobs in View -> Jobs and select Kill to get
+  rid of all them at once.
+
+11.17.11 - All the things I wanted to do, but didn't have time
+--------
+Release Note 1: if you use Armitage teaming, things changed. You have to start 
+msfrpcd with a different set of flags and your team must use the latest version 
+of Armitage. If you have a script that starts msfrpcd, you must update it. 
+
+More information is at: http://www.fastandeasyhacking.com/manual#7
+
+Release Note 2: Armitage requires a Metasploit base install of 4.0 or greater. 
+If you use msfupdate to update a Metasploit install prior to 4.0, then Armitage
+will not work. The Metasploit pre-4.0 installers did not install dependencies
+that Armitage requires today. Missing are certain Java cryptography extensions
+and the msgpack Ruby gem. BackTrack 5 is Metasploit 3.7. BackTrack 5r1 is 4.0.
+
+- db.services now limits its results to hosts that are returned by db.hosts. 
+  This fixes a bug where services data for some hosts was not returned when
+  when >3,500 hosts are in the armitage database.
+- MSF Scans menu is now available under Hosts menu again.
+- Removed Browser Autopwn menu as its future in Metasploit is undecided.
+- Find Attacks/Hail Mary now pull latest service info from DB before resolving
+  the attacks. This prevents a situation where Find Attacks after a scan yielded
+  nothing because Armitage had not synced with the database yet.
+- Deconfliction server now complains when you try to use 127.0.0.1 as your host
+- Added cut/copy/paste/clear menu to most textfields. (for Glen)
+- Added Workspaces -> Manage to edit, add, and remove dynamic workspaces.
+- Added code to intercept "sessions -i ##" and open a meterpreter tab instead.
+- Armitage now honors port setting when starting msfrpcd for you.
+- Armitage now detects msfrpcd shutdown and offers user advice to fix it. The
+  most common cause is probably a lack of msgpack.
+- Fixed a deadlock that happened when generating a payload.
+
+11.13.11 - A major rewrite of a lot of stuff.
+--------
+- Moved from XML/RPC interface to MSGPACK. This should be much faster.
+- Removed Armitage dependence on Metapsloit db.* API--since it may go away soon.
+- Attack recommendations and Hail Mary no longer depend on db_autopwn. New code
+  offers same results with improved speed.
+- Simplified Hail Mary and Find Attacks to use port/OS information only.
+- Greatly improved keystroke recorder. The option is now called "Log Keystrokes".
+  It uses the Metasploit keystroke_recorder post module. Results are regularly 
+  dumped into the post module window. Also, the results are stored as loot 
+  available for the team to view.
+- Launching the keystroke_recorder post module now makes an announcement to the
+  event log.
+- Added a button to Processes tab to log keystrokes. This will bring up a the
+  keystroke_recorder module configured to migrate to the process and record 
+  keystrokes there.
+- Removed Workspaces menu. Armitage now works from the default workspace.
+- Simplified Hosts menu.
+- Meterpreter -> Access -> Persistence now calls persistence post module.
+- Improved Meterpreter -> Access -> Steal Tokens, it's still wonky but it's a 
+  little better now.
+- Host import now uses db_import command running in a console.
+- Added Armitage -> Set Exploit Rank to update the minimum exploit rank value.
+- Armitage now displays up to 512 hosts and 12,288 services at any given time.
+  This keeps Armitage operable even if you scan a big freaking network.
+- Added dynamic workspaces. This feature gives you the ability to define a filter
+  on the database and Armitage will display only hosts that match this filter.
+  You may define filters based on operating system, open ports, and network address.
+  Go to Workspaces -> Create to create a filter. Filters show up under the 
+  Workspaces menu and you may switch back and forth betweem them too.
+- Simplified the Connect dialog. One button. :)
+- Right-click Scan option now scans for HTTPS.
+- Check all credentials option no longer tries blank passwords/username as pass
+- Added a read optimization to the console code. This will reduce load in a team 
+  engagement + make consoles feel faster when there is output.
+- Armitage now opens the event log tab instead of a metasploit console tab in team
+  mode.
+- Fixed a host sorting issue in table view.
+- Moved View -> Targets to Armitage -> Set Target View
+- Overhauled how Armitage handles downloaded files. Downloads are saved to a set
+  place on the attack server. Downloads are available to the whole team through
+  View -> Downloads. This works like the loot viewer. Team members may view text 
+  files or download binary files. This method is friendlier when downloading whole
+  directories of stuff.
+
+10.20.11
+--------
+- Modified hail mary attack to get a little more success with some common Windows
+  attacks.
+
+10.17.11 
+--------
+- Added menu item to dump hashes using the old lsass method or the smart hashdump
+  registry method.
+
+10.13.11 take II?
+--------
+- updated msf3/data directories to account for new install locations.
+- Removed Meterpreter -> Access - > Duplicate because it is now redundant with
+  Meterpreter -> Access -> Pass Session
+- Updated Meterpreter -> Access -> Pass Session to have LPORT of default 
+  Meterpreter listener. Click Launch to simply duplicate your current session.
+- Added Meterpreter -> Access -> Steal Token to list and steal user/group tokens
+- Updated meterpreter multiplexer to not expect output from rev2self. 
+
+10.13.11
+--------
+- added ability to set up VNC on a target when connected to a remote Metasploit
+- Armitage now tells you where to connect your VNC client to access the desktop
+  of a compromised host. You'll need to have a local VNC client available.
+
+10.12.11 - oooh SECKSY
+-------- 
+- fixed a typo in the default armitage settings file.
+- made PAYLOAD helper friendly to post/windows/manage/payload_inject
+- Meterpreter -> Access -> Pass Session now uses payload_inject
+
+10.12.11
+--------
+- Meterpreter N -> Hashdump now runs post/windows/gather/smart_hashdump module.
+  This gives you the benefit of seeing its output and it works in more
+  situations. 
+- Right-click the tab X button and select Save Screenshot to take a screenshot
+  of the current tab. This image will render the tab contents exactly as seen
+  on the screen. Useful for putting together a report or presentation.
+  (thanks Rob for the suggestion)
+- Added a module launcher helper for RHOSTS and RHOST. This helper will let you
+  import a list of IPs (separated by newlines) from a file into these fields.
+- View -> Reporting -> Export Data no longer fails if there are no hosts to
+  export data about.
+- Armitage now runs post/auxiliary modules as jobs (meaning you may kill them
+  using View -> Jobs)
+- hashdump and smart_hashdump post modules will now announce to the event log
+  that hashes were dumped when they're run (whether through the menu or 
+  the module browser).
+- View -> Reporting -> Export Data now takes a screenshot of the table view
+  and includes it in the artifacts (when table view is active)
+
+09.26.11 - take 2
+--------
+- Improved performance when launching exploits and other modules that open
+  a new tab.
+- Launching an exploit will only open a tab when fewer than four hosts are 
+  highlighted. If four or more are highlighted, then Armitage will use the old
+  behavior of silently launching each exploit. [You're supposed to be able to
+  attack hundreds of hosts at once--hence my desire to add this caveat]
+- When launching an exploit in the background, Armitage will show a dialog 
+  indicating that the exploit was launched against X hosts.
+
+09.26.11 
+--------
+- You may now drag and drop Armitage tabs to rearrange their order.
+- Armitage "show all commands" option (for better exploit feedback) is now on 
+  by default. 
+- You may now right-click a screenshot/webcam shot to zoom in or out on the 
+  image. The zoom-level stays fixed (in case you refresh the image later)
+- Added a menu to the X button in the tabs. Through this menu you may open the
+  current tab in its own window or close all like tabs.
+- Updated Hosts -> Import Hosts to reflect the current importable file types.
+- Added View -> Reporting -> Export Data to dump most Metasploit tables into 
+  TSV and XML files suitable for parsing (by you!) into a report format of 
+  some sort. 
+- Armitage now encodes (-e x86/shikata_ga_nai -i 3) any Windows meterpreter 
+  payload generated from the module launcher dialog.
+- [host] -> Meterpreter -> Access -> Duplicate now uses multi_meter_inject to
+  launch Meterpreter into memory directly (rather than upload and execute a file)
+- In teaming mode, Armitage will now automatically upload a file selected through
+  the + option (e.g., USER_FILE +) to the Metasploit server and set the value
+  in Metasploit accordingly.
+- Modified error output for a failed Metasploit method to only display the
+  method name and error message. Displaying a large input would cause Armitage
+  UI to start flashing in some weird disco mode until a hard reset. Yeaah.
+
+09.08.11
+--------
+- Armitage now highlights the event log tab when something new is posted and the
+  tab is not active. Control the color by editing tab.highlight.color pref.
+- Fixed a bug preventing preference values from saving properly (and having an
+  effect).
+- Added "Check all credentials" option to the login dialogs. This option will 
+  login to the service to test each credential. Successful logins will populate
+  the credentials table.
+- Fixed a bug preventing the first open console from scrolling all the way to 
+  the bottom when open.
+- Credential export button now escapes the file path (making the button work on
+  Windows). This bug is another good example of why you should use Armitage on
+  Linux. It'll just work. Windows users: expect surprises.
+- Use Ctrl+Shift on a tab X button to remove the tab and create a desktop window 
+  with its contents. I suspect you'll find this really useful at times.
+- Armitage now remembers your auto-layout setting. Right-click in the graph area
+  to change it.
+- Setting armitage.show_all_commands.boolean to true will now run each exploit in 
+  its own tab. Setting this is a good way to get feedback on the attacks you
+  launch and to learn the Metasploit console better.
+
+07.31.11
+--------
+- Fixed bug preventing Meterpreter -> Access -> Hashdump from noting all hashes
+  into the credentials table.
+
+07.30.11 - Paying down some engineering debt.
+--------
+- Loot viewer no longer displays non-text files. If you try to "view" a 
+  binary loot, it will the folder containing it.
+- Improved UI responsiveness by making sure all communication with Metasploit
+  happens in some thread other than the UI thread. This will prevent latency
+  from bogging the UI down and making it feel locked up. Armitage will also
+  feel a lot faster for many actions.
+- The code that creates a console, executes a command, and calls a callback
+  now uses a much tighter sleeping schedule (10ms vs 500ms). This greatly
+  improves Armitage responsiveness.
+- Armitage connect progress dialog now shows progress setting up the Armitage
+  environment once a connection is successful. Chances are it'll happen fast
+  enough that you won't see it. 
+- View -> Activity Log now opens activity log folder on MacOS X.
+- Removed restriction that prevents user from deleting/clearing default 
+  workspace.
+- File chooser helper used to set values in the module launch dialog now 
+  escapes all backslashes in the path. This fixes a problem on Windows caused 
+  by the console stripping the unescaped backslashes.
+
+07.28.11 - Armed for Metasploit 4
+--------
+- Armitage now sends use prive with use stdapi when it gets a command not
+  found error in Meterpreter.
+- Armitage now sends BLANK_PASSWORDS 0 with any Login menu items. This
+  should speed up the login by forcing Metasploit to not try a blank
+  user/password first.
+- Armitage no longer sends payload related variables to auxiliary modules.
+  (note to programmer: auxiliary modules don't use PAYLOADs :P~~~)
+- Module launch dialog for client-side attacks (fileformat and browser) 
+  now presents payload options to you. They're still configured to a 
+  reasonable default (and updated as the exploit target changes).
+- Client-side payload "guess" is now better about selecting an OS X specific
+  payload when appropriate.
+- Double-click the PAYLOAD option in the module launch dialog to open a 
+  chooser that lets you select a payload and choose whether to create a 
+  handler for it or not. This will configure the appropriate payload vars
+  for you. You're welcome to tweak them from there.
+- Simplified some of the logic in the file browser and added better error
+  reporting.
+- Added a visual hint to clickable option names in the module launcher.
+  Double-clicking these options will open a dialog to assist setting the value.
+- Added a visual hint to clickable preference types in the preferences window.
+  Double-clicking these types will open a dialog to assist setting the value.
+- Fixed a potential deadlock caused by launching modules while Armitage is
+  still initializing.
+- Added a preference to disable displaying the MSF ASCII banner when a new
+  console opens. This preference is set to show the banner by default.
+- Added a regexp to strip non-ascii chars from usernames collected with dump
+  hashes. The RPC daemon throws an exception when I try to report usernames
+  with these chars in them.
+
+23 Jul 11 - Change Log
+---------
+- Ooops! My baaad. I broke db.creds in MSF. Someone else unbroke it. Now
+  I call it the right way from Armitage so everything works like it's 
+  supposed to. :)
+
+21 Jul 11 - Change Log
+---------
+- loots dialog is now populated by db.loots RPC call. This is faster
+  and compatible with changes made to MSF.
+- credentials dialog is now populated by.creds RPC call. This is 
+  faster and compatible with changes made to MSF.
+- RPC connection code now strips out more characters that may cause 
+  the XML parser to complain. 
+
+  ** There were a few changes made to MSF over the past few days that
+     broke the credentials and loots dialog. This update brings Armitage
+     back to compatability with what exists in MSF trunk. **
+
+19 Jul 11 - Change Log
+---------
+- You may now execute a post module against multiple hosts at once.
+  Simply highlight the hosts, find your post module, double-click it
+  and watch the magic happen. The drawback--each session will open a
+  new tab to display the output of the post module.
+- You may now hold down shift and click on a tab to close all tabs
+  with the same title. If you run a post module against multiple hosts
+  this is a good way to get rid of all those tabs.
+- Graph view Ctrl+P shortcut (save screenshot of graph view) now shows
+  pivots.
+- post module output now logs to ~/.armitage/[host]/post.log
+- Fixed some weirdness with popup menu mouse events not being consumed
+- Added View -> Activity Logs to open folder containing Armitage logs
+- Fixed command history so up arrow really gives the previous command
+- Keystrokes dumped using dump button on key scan dialog are now logged
+  to ~/.armitage/[host]/keyscan.log
+
+  *Respun* Armitage.dmg with .app file fix for MacOS X Lion. Thanks to
+  @NightLion for contributing this.
+
+12 Jul 11 - Change Log
+---------
+- Fixed a race condition causing some file browser actions to fail on 
+  Windows hosts at times.
+- Files downloaded through file browser are now archived in:
+  [host]\Downloads
+- Hail Mary output nows goes to [log dir]\all\hailmary.log
+- Added Crack Passwords button to Credentials tab. This opens the 
+  launcher for John the Ripper: auxiliary/analyze/jtr_crack_fast
+- Added Post Modules item to Meterpreter N -> Explore and Shell N menus. 
+  This menu item will show applicable post-exploitation modules in 
+  the module browser.
+- Loot browser now opens loot viewer as a tab.
+- Loot viewer now has many of the same keyboard shortcuts as a console
+  tab. You can Ctrl+F to search for stuff, Ctrl+Plus/Minus to increase
+  and shrink the font, and Ctrl+A to select everything.
+
+02 Jul 11 - Change Log
+--------- 
+- Doubled wait time for Meterpreter ls command to complete.
+- Armitage now shows psexec option instead of smb on Login menu for
+  Windows hosts (when smb service is present).
+- Fixed bug preventing manual import of a single host
+- Removed automatic resending of console commands that didn't appear
+  sent. This was a work-around for a msf bug that may not be present
+  anymore. We'll find out.
+- Removed --script-all from NMap profiles. I saw quite a discussion
+  about this on the NMap mailing list. Oops. Oh well :)
+	http://seclists.org/nmap-dev/2011/q2/572
+- All host import options now use Metasploit's import_data RPC call.
+  This is what all the remote calls map to anyways.
+- Added Help button to start dialog.
+- Armitage now opens cmd.exe and executes programs from the file 
+  browser using the current process token (execute -t in Meterpreter)
+- Added logging. Logs are stored in ~/.armitage organized as
+  [date]/[host]/[file]. The logging captures:
+
+  - all Console tab output (console.log)
+  - the collaboration event log (event.log)
+  - all Meterpreter tab output (meterpreter_[session].log)
+  - all Command Shell tab output (cmd_[session]_[pid].log)
+  - all Shell tab output (shell_[session].log)
+  - all Screenshots captured through Armitage (.../Screenshots/)
+  - all Webcam shots captured through Armitage (.../Webcam Shots/)
+
+  You can turn this off by setting armitage.log_everything.boolean
+  to false in the Armitage preferences.
+- Added a Reset button to preferences dialog to reset Armitage 
+  preferences.
+- SSL now defaults to off on all platforms
+- Added a Default button to the database settings helper. This 
+  button loads the default database settings ignoring what is in the
+  config file.
+- Loot viewer now uses the same colors and font as a console tab
+- Fixed bug preventing Loot browser from populating data/time column
+- Preferences dialog now brings font and shortcut dialogs to front
+  to prevent them from being hidden by prefs dialog.
+
+24 Apr 11 - Happy Birthday Gerry Edition
+---------
+- Added a check to prevent jerk faces from entering an empty nick in
+  collaborative mode. :)
+- Fixed a potential dead-lock condition with the screenshot/webcam
+  shot tab.
+- Armitage -> Listeners -> Reverse now binds to 0.0.0.0. 
+- Host import now posts an event to the collab mode shared event log
+- added an option to display an MOTD message to clients that connect
+  to Armitage in the collaboration mode. Use -m or --motd before
+  --server and specify a file, e.g.:
+
+  armitage -m /path/to/motd.txt --server ...
+
+  Clients will see this message when they connect.
+- Added Meterpreter -> Access -> Pass Session to send a meterpreter
+  session to a handler set up on another host.
+- Armitage now sets ExitOnSession to false for multi/handlers started
+  within Armitage.
+- Pivoting and ARP Scan dialogs now highlight first option by default.
+- Added a sanity check to the Route class to prevent malformed IPs
+  from screwing up sorting.
+- Removed sqlite3 from the database options. I should have done this
+  long ago--it has no place in Armitage.
+- Armitage now intercepts meterpreter "shell" command and opens a 
+  new tab with the cmd.exe interaction in it.
+
+17 Apr 11 - Change Log 
+---------
+- Windows command shell interactions are now less likely to die. How
+  oh how did we get here? Armitage interacts with cmd.exe through a
+  Meterpreter channel. If an unnecessary read happens, it ties up the
+  meterpreter session for 10-20s AND the channel dies. If you typed
+  commands in too quickly, it's probable that Armitage would do an
+  unnecessary read and the channel would die. I believe I've headed 
+  off this problem. Armitage now locks the channel until the command 
+  completes. If the command times out or completes, the channel 
+  becomes unlocked. This should prevent most out of place reads. In
+  collaboration mode, this was a great way for excited teammates to
+  tie up the meterp session for everyone. :) "I typed this command
+  20 times and nothing happened!!!" Doh! You queued 20 reads with a
+  10-20S timeout each and destroyed that channel. -- Armitage 
+  protects against this situation now.
+- Command history no longer saves empty commands.
+- Armitage server mode now provides all details that a client needs
+  to connect to the server.
+
+13 Apr 11 - Change Log (Dayton, OH Capstone Edition)
+---------
+- Metasploit now has host normalization (this is great news). I've 
+  removed the OS reporting code from Armitage as a consequence. This 
+  means less overhead communicating with Metasploit
+- Fixed a potential deadlock triggered when interacting with a Windows
+  command shell. Sorry about the freezes Matt and Brant.
+- Fixed a strange condition in Armitage that sometimes caused shell
+  sessions to die.
+- Download from file browser now notifies user when a file is downloaded.
+- Armitage server mode now prints database connect string to console to
+  assist with set up of Metasploit teaming.
+- Fixed a bug causing exploit recommendations to not show for Windows 
+  hosts due to host normalization
+- Added a check to prevent cd .. button in file browser from retriggering
+  too quickly. This will prevent the meterpreter command queue from 
+  becoming very backed up doing a cd/ls over and over again.
+- Graph view no longer counts edges as a selected item when creating a
+  list of hosts to apply an action to.
+- Added another heuristic to prevent Windows cmd.exe interaction from 
+  locking up.
+
+10 Apr 11 - Change Log
+---------
+- Fixed key logger dump button.
+- Process migrate function displays success or fail message again.
+- Armitage now displays nmap output in a tab. You can thank scriptjunkie
+  for making this work in Metasploit. Please send cash, check, or money
+  order directly to him.
+- Greatly improved post-pivot host discovery workflow... here's the deal:
+  -- [host] -> Meterpreter -> ARP Scan menu now shows networks local to
+     host and lets you choose to launch an ARP scan from that Meterpreter
+     session.  
+  -- Highlight one or more hosts, right-click, and select Scan to launch
+     MSF discovery scans against the highlighted hosts.
+- Added a rudimentary loot browser/viewer to Armitage. Go to View -> Loot
+  to see the currently captured loots. Loot is the Metasploit term for 
+  data captured by certain post/ modules.
+- Armitage now presents a warning when it detects a second Metasploit 
+  user connected to the same Metasploit server without the collaboration
+  server in place.
+- Armitage collaboration mode now updates target information more often
+- Updated Armitage to work with Metasploit's new normalized host OS 
+  constants and to restore the os_flavor value when it is wiped out.
+
+16 Mar 11
+---------
+- Shell -> Disconnect now executes in a separate thread.
+- Armitage now creates ~/armitage-tmp and writes there if the current dir
+  is /Applications or it can't write to the current directory.
+- Fixed a potential deadlock issue in the file browser
+- Directory up button in file browser now shows that it has been pressed
+- Added Execute option to file browser (now you can run a program by
+  right-clicking on it and selecting Execute--for Jesse)
+- Multiple improvements to responsiveness of command shell and meterpreter
+  tabs. This should benefit collaboration mode too.
+
+12 Mar 11 (MACCDC Post Day 1 Update)
+---------
+- Fixed a bug preventing host import from working with a remote connection
+- Armitage client now increases default wait for meterpreter commands to
+  complete when in teaming mode.
+- Increased wait time to download a generated payload file to 8s.
+
+11 Mar 11 Update (0100h EST)
+---------
+- Fixed a deadlock condition in the module launcher (caused by the changes
+  to increase responsiveness... oops).
+
+10 Mar 11 Update (2230h EST)
+---------
+- Fixed race condition importing manual list of hosts (sometimes the file
+  would get deleted). Grr.
+- Added a lock to prevent multiple Armitage clients from trying to 
+  determine what OS a box has. This should help in CTF situations.
+
+10 Mar 11 Changes
+---------
+
+Quick story: NECCDC 2011 Red Team. TJ launches a script that lands 70
+sessions in the first few seconds. 11 red team members are connected to
+Armitage eager to carry out their pieces of pwnage. The Ruby process pegs
+the CPU and Armitage fails spectacularly. Very funny. This releases fixes
+that. 
+
+- Armitage YAML parser now accepts quoted strings in the YAML fields
+- Added caching of sessions.list, db.hosts, and db.services to Armitage 
+  collaboration server. This should help prevent msfrpcd from overloading
+  when many clients are connected and owning boxen at one time.
+- Improved GUI responsiveness by making several parts of the Armitage GUI
+  spawn a new thread to avoid blocking while communicating with Metasploit
+- Added a tooltip to the "Start MSF" and "Connect" buttons to clarify use
+- Export credentials button now prompts for a remote file when connected 
+  to a remote Metasploit instance.
+- Export credentials and payload generate output now transparently  
+  downloads to your local host when connected to Armitage's collab server.
+- Armitage now loads stdapi in Meterpreter if it finds it's not loaded. 
+  Armitage also prompts you to rerun the failed command when this happens.
+- Right-click in services now shows popup for taking actions against 
+  selected hosts. Now you can do mass actions against hosts sorted by port.
+- Added Access -> Persist to Meterpreter menu. This will run Meterpreter's
+  persistence script using the default Armitage handler. Meterpreter will
+  start at boot and at login.
+- Added an Armitage.app file for MacOS X. Use Armitage from OS X as a
+  client to connect to Metasploit hosted in other places.
+- Added a check for whether current working directory is writeable or not.  
+  If it's not, Armitage does all of its read/write operations in home dir.
+
+Tested with 10 concurrent Armitage clients from four boxes with 140+ shell 
+sessions and a few meterpreter sessions. I think we're ready to rock now.
+
+27 Feb 11 Changes
+---------
+- Webcam snap features works again. Sorry about that. :)
+- Download file button in file browser now works through the collaboration
+  server. This feature has a few limitations / requirements:
+
+  1) Armitage server must have the same $PWD as msfrpcd
+  2) Files must download in less than 12s or else you'll need to retrieve
+     them from the msfrpcd host.
+  3) Recursive downloads of files from a directory are kept on the host with
+     msfrpcd. You'll need to retrieve them with sftp or something else.
+
+25 Feb 11 Changes
+---------
+
+This release is primarily bug fixes. The network attack collaboration 
+feature is further tested and ready for your use.
+
+See: http://www.youtube.com/watch?v=coF8dVLBnOQ
+
+- Armitage now consumes data from msfrpcd's stderr when Start MSF button is
+  used. This means Armitage won't lock up when database tables are 
+  initialized during the first run on Windows.
+- pivoting, logins, hail mary, and pass-the-hash now print to the event log.
+- Pass-the-hash dialog is now available via [host] -> Login -> psexec.
+- Fixed bug causing Event Log menu to be present outside of collab mode.
+- armitage.sh start-up shell script is now named armitage
+- Console destroy and shell unlocking commands on tab close now happen in a
+  new thread to prevent the GUI from blocking.
+- Armitage now stops meterpreter read thread when it detects a dead session.
+- Replaced jyaml with a quick and dirty parser that doesn't mistake ####e#
+  for a double number. This was screwing up connecting to postgres for some
+  of you.
+- Upload button in file browser now works through Armitage's collab server
+- Added Ctrl+P shortcut to save screen capture of hosts graph view 
+  
+22 Feb 11 Changes
+---------
+- Improved shell "when should I read more data from this channel" heuristic. 
+  This means command shell sessions should not freeze on an errant Meterp.
+  read command that blocks until the universe is recreated.
+- Fixed a potential deadlock using Armitage's meterpreter dialogs with a 
+  meterpreter tab open.
+- Command shell tab now only opens when Armitage knows channel and PID 
+  settings
+- Rewrote how Armitage interfaces with Meterpreter. This has a few impacts:
+  -- Armitage now waits for a command to execute and reads its output
+     before executing another command. This prevents Armitage from getting
+     confused when you're doing a lot of stuff at once.
+  -- You can now open multiple meterpreter console tabs for a session 
+  -- Commands executed by Armitage's dialogs will not show up in your 
+     Meterpreter tab(s).
+- File browser now does a cd "current directory" before each action. 
+- Added a network attack collaboration feature to Armitage. This is as 
+  beta as it gets (although it *should* work). To use it, start msfrpcd
+  and connect Armitage's collaboration server (on the same box as msfrcpd!)
+
+  ./armitage --server host port user pass [ssl? 1 or 0]
+
+  This will connect Armitage's collaboration server to the Metasploit RPC 
+  daemon you specify. This server will then bind port+1 and tell future 
+  Armitage clients to use it for extra collaboration features.
+
+  Connect one or more remote Armitage clients as normal. Some of the 
+  features you get in this mode:
+
+  1. View -> Event Log for chatting and watching major events
+  2. Command shell and webcam/screenshot features work for remote clients
+  3. Armitage clients automatically lock a shell session when they're in use
+     and notify other clients that it's locked if they try to use it.
+  4. Transparent real-time sharing of meterpreter amongst multiple clients.
+- Payload generation now works on Windows (I wasn't escaping the backslashes
+  in the paths... doh!)
+- Armitage now prompts you for a path (and not a file chooser) when generating
+  a payload using a remote connection to Metasploit.
+- Armitage now loads database settings from file in MSF_DATABASE_CONFIG env var
+- You can now highlight text in the Armitage console tabs on MacOS X.
+- Fixed a potential deadlock when opening a Windows command shell tab
+
+Update 9am EST
+- Removed a remnant of my development environment from server.sl. If you see:
+  jar file to import package from was not found! at line 25
+
+  Then you need to update.
+
+13 Feb 11 Changes
+---------
+- Organized View menu (it was getting out of control)
+- Added RPC Console item to view menu (Start MSF only). This item will show
+  the STDOUT for msfrpcd. Use this to watch nmap's output.
+- Added Ctrl+A shortcut to select all text in a console tab
+- Kill meterpreter, kill pivots, and credential dumps now use fresh 
+  consoles to execute. This ensures they will execute even if the global
+  console is stale (this sometimes happens.)
+- Added tab completion to Meterpreter window.
+- Hosts -> Import Hosts now lets you select multiple files to import at once.
+- Use SSL is now checked by default on Linux (and unchecked by def. on Win)
+- Updated Armitage to remove or alter some UI options when connected to a 
+  remote Metasploit RPC instance. 
+
+  -- Meterpreter shell is the only interact option 
+  -- Webcam and Screenshot menu items are gone
+  -- Upload asks for a full file name rather than show a file chooser dialog
+
+  These adjustments are necessary during remote connections as Armitage does
+  not have access to the local file system of the Metasploit RPC daemon.
+
+21 Jan 11 Changes
+--------- 
+- Increased wait time between connection attempts to MSF RPC
+- Fixed bug with Windows command shell not working when using Armitage from a
+  Windows host. 
+- Host refresh using sysinfo now only happens when no OS is set for the host.
+- Fixed a deadlock condition caused when an automatic sysinfo request was 
+  made while a Meterpreter tab for the same host was open.
+
+18 Jan 11 Changes
+---------
+- Added a Migrate Now! item to Meterpreter Access menu. Runs migrate -f.
+- Right-click in Meterpreter console now shows menu as before (silly bugs).
+- Armitage now detects hashdump failure and reports possible causes to you.
+- Armitage now binds default handler to 0.0.0.0. 
+- Added a table view for the targets area. Go to View -> Targets to change the
+  setting. If you're working with many hosts, table view may be better for you.
+- Added preliminary support for Metasploit post/ modules. You can launch them 
+  and if a host is highlighted, Armitage will populate the SESSION var for you.
+- Armitage now uses the sysinfo command in a meterpreter session to pull host
+  OS info if it doesn't know it. This also means Armitage will auto-populate
+  the host OS when a client-side attack is successful.
+- Tab completion is now ignored when input field is empty
+
+13 Jan 11 Changes
+---------
+- Hosts reported as Windows Me now display W2K era Windows logo.
+- "Hail Mary" attack is now launched and managed by Armitage. Exploits are 
+  selected using the output of db_autopwn AND the operating system information
+  Armitage knows. Also attacks are launched in a more optimal order (sorted by 
+  exploit rank/age). This is a big improvement over db_autopwn by itself. 
+- Added a link to the Armitage Issue Tracker in the Help menu.
+- Updated remote exploit payload selection to choose Java payloads or Windows 
+  shell payloads before resorting to the generic/* payloads.
+- Updated client-side exploit launcher to let you select the target. Armitage 
+  uses this target (plus the exploit name) to determine which payload to use.
+  multi/java_signed_applet works very nicely now ;)
+- Fixed (once and for all now) the mysterious OS info not refreshing bug.
+  Now those pretty OS pictures will show up if Metasploit knows about the OS.
+- Added a 52 character length limit to a target's description in the target
+  dropdown. This stops weird GUI layouts caused by long target descriptions.
+- Exploit recommendations now take into account FreeBSD hosts.
+- Added an OpenBSD option to the hosts menu.
+- Armitage now does a setg AutoLoadStdapi true when setting up MSF.
+- Last modified field of file browser now sorts properly.
+- Jobs console and its kill feature should now work in all circumstances.
+- Session menus for meterpreter now limited for non-Win meterp sessions.
+- Updated Armitage/Windows to provide a better startup experience. Simply
+  extract the archive over your MSF install and rock n' roll.
+
+22 Dec 10 Changes
+---------
+- Updated meterpreter shell and command shell console to honor your set
+  preferences. I forgot to pass $preferences to the console constructor. Doh!
+- Added a -d/--debug command line option. This will dump System.getProperties()
+  and a log of all exchanges with the MSF server to debug.log in the current
+  working directory.
+- To play nice with existing conventions, Armitage is now licensed under the
+  BSD license. Distribute, use, reuse, recycle.... have fun.
+- Fixed a deadlock condition that arose when a large nmap scan is imported
+- About dialog now shows up centered.
+- Armitage now has a graphic for Cisco IOS. You can mark a host as a Cisco IOS 
+  device. Also Armitage recognizes IOS from an NMAP Scan.	
+- Fixed Armitage "crash" due to read timeouts. This would occur for those of
+  you who ran a really taxing operation (e.g., db_autopwn).
+- Added a time limit flag to db_autopwn (20s)
+- Ctrl+R is now even more aggressive clearing internal data structures.
+- Shell N -> Meterpreter... no longer blocks waiting for the operation to
+  complete.
+
+13 Dec 10 Changes
+---------
+
+- Added Meterpreter -> Browse -> Webcam Shot to grab webcam snap shots.
+- You may now click the image in the webcam/screenshot view to save it.
+- Workspace -> Create menu now automatically switches you to the net workspace.
+- UNIX shell sessions now have an Upload... menu. This item will open a local
+  file and use the printf command on the remote host to put it together. It's 
+  slow but it works. 
+- Removed the rename file menu item from the file browser. It turns out I had 
+  my Windows command shell vs. meterpreter command interface crossed. The 
+  command doesn't exist in Meterpreter.
+- Upload button now waits until file is uploaded to refresh file listing
+- Added Timestomp item to File Browser popup menu. This works like a clipboard.
+  Select Get MACE to capture the MACE values of the current file. Use Set MACE
+  on another file to set the MACE values to the currently known attributes.
+- Dump hashes menu item no longer pulls up a new credentials tab. 
+- Added a Refresh button to the credentials tab.
+- Updated db refresh code to be a little smarter about when it needs to merge
+  db_notes hints into the MSF database.
+
+6 Dec 10 Changes
+--------
+
+- added -y filename.yml command line option for specifying a YAML file with
+  database parameters
+- updated "Start MSF" to launch "ruby msfrpcd" on Windows. This requires the 
+  current working directory of Armitage be set to the Metasploit base directory.
+- jobs view now parses job output with only 3 columns of information.
+- connect dialog is now centered on your screen when you start Armitage
+- Armitage now saves your settings when you use Start MSF.
+- Armitage now forces cells in editor mode to save before launching a module or
+  an exploit. This should prevent a few surprises where things seemed like they
+  weren't working for a few of you.
+- MSF Discovery Scans are now started from a separate thread, preventing 
+  Armitage from "locking up" while the scans launch. A dialog also comes up to
+  state how many scans were launched.
+- MSF Discovery Scans are now limited to 2 threads/scan on Windows and 8 on
+  other operating systems. This prevents serious lag issues caused by 
+  starting too many threads.
+- connect dialog is now a window, meaning it has an icon in whatever your 
+  window manager is and if you close it Armitage exits.
+- updated DB Connect String helper dialog to ask for DB user, DB pass, DB host, 
+  and DB name. This should prevent some of you from confusing the database 
+  user/pass with the MSFRPCD user/pass.
+- Current environment variables are now passed to msfrpcd when executed from
+  Armitage. This will allow msfrpcd to inherit any PATH changes and other 
+  necessary things when Armitage is run from a shell script or batch file.
+- Added .svn folders to the Armitage distribution. Now you can use svn update .
+  to keep your install of Armitage up to date.
+- File browser upload and make directory commands now allow files with spaces
+  in them.
+- Armitage will now exit if it takes longer than 5 seconds to shutdown msfrpcd
+  when cancel is pressed during the connecting phase.
+
+25 Nov 10
+---------
+- start msf button now kills msfrpcd session if db_connect fails
+- set default database options to mysql with BackTrack 4 R2 settings.
+- Armitage -> Exit menu now kills msfrpcd, if the "Start MSF" button was used
+- Added ability to set up a multi/handler from Payload launch dialog
+
+13 Nov 10
+---------
+- fixed file browser directory icon showing up in every field within Windows L&F
+- added an export button to the credentials view. This will save the credentials to 
+  a pwdump format file.
+- fixed console highlighting issue, sadly you'll need to click in the console input 
+  box for it to have focus again. Write once, debug everywhere.
+- added "hail mary" attack option--this launches db_autopwn
+- attack menus now honor the armitage.required_exploit_rank.string setting
+- added Ctrl+R shortcut for refreshing the target view (esp. OS info)
+- fixed db_notes parsing for latest version of MSF (3.5.x?)
+- fixed how auxiliary scans are displayed in the jobs table.
+- db connect helper now prepopulates fields with info taken from connect string
+- added an 8s timeout to abort the database connect if it fails.
+- OS from db_notes to db_hosts refresh is now guaranteed on connect
+- Packaged everything into a single jar file, now I can code in what I like 
+  without hassle from people who are too lazy to look at the code.
+- SSL handshake now fails after 8 seconds (should give those of you trying
+  an SSL connect to a non-SSL server an idea that something is up)
+- added an executable to launch Armitage on Windows
+- fixed command shell interaction bug caused by directories with spaces.
+- Start MSF button now reports an error if it couldn't start MSF-RPC
+
+2 Nov 10
+--------
+- Initial (priv8) release.
@@ -1,31 +0,0 @@
---
-# Creates a template that will be vulnerable to ESC15 (subject name supplied in
-# the request and schema version is 1). Fields are based on the SubCA template.
-# For field descriptions, see:
-# https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-crtd/b2df0c1c-8657-4684-bb5f-4f6b89c8d434
-showInAdvancedViewOnly: 'TRUE'
-# this security descriptor grants all permissions to all authenticated users
-nTSecurityDescriptor: D:PAI(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;AU)
-flags: 0
-pKIDefaultKeySpec: 2
-pKIKeyUsage: !binary |-
-  hgA=
-pKIMaxIssuingDepth: -1
-pKICriticalExtensions:
- 2.5.29.19
- 2.5.29.15
-pKIExtendedKeyUsage:
-# Server Authentication OID (alter the EKUs via ESC15)
- 1.3.6.1.5.5.7.3.1
-pKIExpirationPeriod: !binary |-
-  AEAepOhl+v8=
-pKIOverlapPeriod: !binary |-
-  AICmCv/e//8=
-pKIDefaultCSPs: 1,Microsoft Enhanced Cryptographic Provider v1.0
-msPKI-RA-Signature: 0
-msPKI-Enrollment-Flag: 0
-# CT_FLAG_EXPORTABLE_KEY
-msPKI-Private-Key-Flag: 0x10
-# CT_FLAG_ENROLLEE_SUPPLIES_SUBJECT
-msPKI-Certificate-Name-Flag: 1
-msPKI-Minimal-Key-Size: 2048
@@ -1,27 +0,0 @@
---
-# Creates a template that will be vulnerable to ESC1 (subject name supplied in
-# the request). Fields are based on the SubCA template. For field descriptions,
-# see: https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-crtd/b2df0c1c-8657-4684-bb5f-4f6b89c8d434
-showInAdvancedViewOnly: 'TRUE'
-# this security descriptor grants all permissions to all authenticated users
-nTSecurityDescriptor: D:PAI(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;AU)
-flags: 0
-pKIDefaultKeySpec: 2
-pKIKeyUsage: !binary |-
-  hgA=
-pKIMaxIssuingDepth: -1
-pKICriticalExtensions:
- 2.5.29.19
- 2.5.29.15
-pKIExpirationPeriod: !binary |-
-  AEAepOhl+v8=
-pKIOverlapPeriod: !binary |-
-  AICmCv/e//8=
-pKIDefaultCSPs: 1,Microsoft Enhanced Cryptographic Provider v1.0
-msPKI-RA-Signature: 0
-msPKI-Enrollment-Flag: 0
-# CT_FLAG_EXPORTABLE_KEY
-msPKI-Private-Key-Flag: 0x10
-# CT_FLAG_ENROLLEE_SUPPLIES_SUBJECT
-msPKI-Certificate-Name-Flag: 1
-msPKI-Minimal-Key-Size: 2048
@@ -1,30 +0,0 @@
---
-# Creates a template that will be vulnerable to ESC2 (any purpose EKU).
-# Fields are based on the SubCA template. For field descriptions,
-# see: https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-crtd/b2df0c1c-8657-4684-bb5f-4f6b89c8d434
-showInAdvancedViewOnly: 'TRUE'
-# this security descriptor grants all permissions to all authenticated users
-nTSecurityDescriptor: D:PAI(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;AU)
-flags: 0
-pKIDefaultKeySpec: 2
-pKIKeyUsage: !binary |-
-  hgA=
-pKIMaxIssuingDepth: 0
-pKICriticalExtensions:
- 2.5.29.19
- 2.5.29.15
-pKIExtendedKeyUsage:
-# Any Purpose OID
- 2.5.29.37.0
-pKIExpirationPeriod: !binary |-
-  AEAepOhl+v8=
-pKIOverlapPeriod: !binary |-
-  AICmCv/e//8=
-pKIDefaultCSPs: 1,Microsoft Enhanced Cryptographic Provider v1.0
-msPKI-RA-Signature: 0
-msPKI-Enrollment-Flag: 0
-# CT_FLAG_EXPORTABLE_KEY
-msPKI-Private-Key-Flag: 0x10
-# CT_FLAG_SUBJECT_ALT_REQUIRE_UPN | CT_FLAG_SUBJECT_REQUIRE_DIRECTORY_PATH
-msPKI-Certificate-Name-Flag: 0x82000000
-msPKI-Minimal-Key-Size: 2048
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Tod Beardsley	279a61d0f4	Add the optional pause for Windows	2013-01-15 13:44:59 -06:00
Tod Beardsley	db4a392de2	Msfupdate should check for installation validity This fix will allow people to at least solve their own msfupdate problems by registering for Community Edition. [SeeRM #7690]	2013-01-15 13:44:59 -06:00
				`@@ -1 +0,0 @@`
				`This directory contains ActiveRecord concerns, models and validators.`