Fix rapid7#7021, Pass exploit SRVPORT in BrowserAutopwn2

In BrowserAutoPwn2, the mixin forgets to pass the SRVPORT datastore
option to the exploits, so they always use the default 8080. As a
result, if a different SRVPORT is set, BAP2 would be serving the
target machine with bad exploit links.

Fix rapid7#7021

Author: wchen-r7

lib/msf/core/exploit/browser_autopwn2.rb

@@ -130,6 +130,7 @@ def set_exploit_options(xploit)
       xploit.datastore['PAYLOAD']     = p.first[:payload_name]
       xploit.datastore['LPORT']       = p.first[:payload_lport]
       xploit.datastore['SRVHOST']     = datastore['SRVHOST']
+      xploit.datastore['SRVPORT']     = datastore['SRVPORT']
       xploit.datastore['LHOST']       = get_payload_lhost
 
       %w(JsObfuscate CookieName VERBOSE Retries SSL SSLVersion SSLCipher URIHOST URIPORT).each do |opt|