Fix #8675, Add Cache-Control header, also meta tag for BAP2

Hopefully that browsers will respect this.

Fix #8675

lib/msf/core/exploit/browser_autopwn2.rb

@@ -810,6 +810,7 @@ module Msf
 
       %Q|<html>
       <head>
+      <meta http-equiv="cache-control" content="no-cache" />
       <script>
       #{js}
       </script>

lib/msf/core/exploit/http/server.rb

@@ -32,6 +32,7 @@ module Exploit::Remote::HttpServer
 
     register_evasion_options(
       [
+        OptBool.new('HTTP::no_cache', [false, 'Disallow the browser to cache HTTP content', false]),
         OptBool.new('HTTP::chunked', [false, 'Enable chunking of HTTP responses via "Transfer-Encoding: chunked"', false]),
         OptBool.new('HTTP::header_folding', [false, 'Enable folding of HTTP headers', false]),
         OptBool.new('HTTP::junk_headers', [false, 'Enable insertion of random junk HTTP headers', false]),
@@ -558,6 +559,10 @@ module Exploit::Remote::HttpServer
       response.headers.junk_headers = 1
     end
 
+    if datastore['HTTP::no_cache']
+      response.headers['Cache-Control'] = 'no-store, no-cache, must-revalidate'
+    end
+
     headers.each_pair { |k,v| response[k] = v }
 
     cli.send_response(response)

modules/auxiliary/gather/browser_info.rb

@@ -74,7 +74,7 @@ class MetasploitModule < Msf::Auxiliary
 
   def on_request_exploit(cli, req, target_info)
     print_target_info(cli, target_info)
-    send_not_found(cli)
+    send_response(cli, '')
   end
 
   def run