Start with a random username to test 401 codes

SeeRM rapid7#7991

While this fixes the specific case of tomcat_mgr_login, it doesn't
address the general case where modules are attempting to test code 401
responses in order to determine if bruteforcing should continue.

Author: Tod Beardsley

modules/auxiliary/scanner/http/tomcat_mgr_login.rb

@@ -75,7 +75,8 @@ def run_host(ip)
 			uri = normalize_uri(datastore['URI'])
 			res = send_request_cgi({
 				'uri'     => uri,
-				'method'  => 'GET'
+				'method'  => 'GET',
+				'username' => Rex::Text.rand_text_alpha(8)
 				}, 25)
 			http_fingerprint({ :response => res })
 		rescue ::Rex::ConnectionError => e