From a792f85a5f0db41f8843da1ea2fcbfe5095973c6 Mon Sep 17 00:00:00 2001
From: Joe Vennix <joev@metasploit.com>
Date: Wed, 5 Mar 2014 23:27:04 -0600
Subject: [PATCH] Fix re-initialize bug.

---
 lib/msf/core/exploit/remote/browser_exploit_server.rb | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/lib/msf/core/exploit/remote/browser_exploit_server.rb b/lib/msf/core/exploit/remote/browser_exploit_server.rb
index eb48970a21..541665dfe5 100644
--- a/lib/msf/core/exploit/remote/browser_exploit_server.rb
+++ b/lib/msf/core/exploit/remote/browser_exploit_server.rb
@@ -253,7 +253,7 @@ module Msf
     #
     def init_profile(tag)
       sync do
-        @target_profiles[tag] = {}
+        @target_profiles[tag] ||= {}
       end
     end
 
@@ -293,13 +293,12 @@ module Msf
       tag = retrieve_tag(cli, request)
       target_info = get_profile(tag)
       init_profile(tag)
+      update_profile(target_info, :source, source.to_s)
 
       # Gathering target info from the detection stage
       case source
       when :script
         # Gathers target data from a POST request
-        vprint_status("Setting source to :script.")
-        update_profile(target_info, :source, 'script')
         parsed_body = CGI::parse(Rex::Text.decode_base64(request.body) || '')
         vprint_status("Received sniffed browser data over POST: \n#{parsed_body}.")
         parsed_body.each { |k, v| update_profile(target_info, k.to_sym, v.first) }
@@ -310,7 +309,6 @@ module Msf
         # Module has all the info it needs, ua_string is kind of pointless.
         # Kill this to save space.
         fp.delete(:ua_string)
-        update_profile(target_info, :source, 'headers')
         fp.each do |k, v|
           update_profile(target_info, k.to_sym, v)
         end
@@ -391,7 +389,7 @@ module Msf
 
         var query = objToQuery(d);
         postInfo("<%=get_resource.chomp("/")%>/<%=@info_receiver_page%>/", query, function(){
-          
+          window.location="<%= get_module_resource %>";
         });
       }
       |).result(binding())
@@ -466,6 +464,7 @@ module Msf
         # on_request_exploit() to get the target information
         #
         tag = retrieve_tag(cli, request)
+        vprint_status("Serving exploit to user with tag #{tag}")
         profile = get_profile(tag)
         if profile.nil?
           print_status("Browsing directly to the exploit URL is forbidden.")
@@ -475,7 +474,7 @@ module Msf
           send_not_found(cli)
         else
           update_profile(profile, :tried, true)
-          print_status("Setting target \"#{tag}\" to :tried.")
+          vprint_status("Setting target \"#{tag}\" to :tried.")
           try_set_target(profile)
           bad_reqs = get_bad_requirements(profile)
           if bad_reqs.empty?