Make up our damn mind

wchen-r7 · wchen-r7 · commit 1992a5648d22 · 2015-07-14T15:09:23.000-05:00
diff --git a/lib/msf/core/exploit/browser_autopwnv2.rb b/lib/msf/core/exploit/browser_autopwnv2.rb
@@ -563,6 +563,7 @@ def start_service
       proto = (datastore['SSL'] ? "https" : "http")
       srvhost = (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address : datastore['SRVHOST']
       srvport = datastore['SRVPORT']
+      port = datastore['URIPORT'] == 0 ? datastore['SRVPORT'] : datastore['URIPORT']
       service_uri = "#{proto}://#{srvhost}:#{srvport}#{get_resource}"
       print_status("Please use the following URL for the browser attack:")
       print_status("BrowserAutoPwn URL: #{service_uri}")
@@ -654,15 +655,15 @@ def get_exploit_urls(cli, request)
 
       exploit_list.each do |mod|
         proto = datastore['SSL'] ? 'https' : 'http'
+        # We haven't URIHOST and URIPORT into account here because
+        # the framework uses them only on `get_uri`
         host = ''
-        if datastore['URIHOST']
-          host = datastore['URIHOST']
-        elsif datastore['SRVHOST'] && datastore['SRVHOST'] != '0.0.0.0'
+        if datastore['SRVHOST'] && datastore['SRVHOST'] != '0.0.0.0'
           host = datastore['SRVHOST']
         else
           host = Rex::Socket.source_address
         end
-        port = datastore['URIPORT'] == 0 ? datastore['SRVPORT'] : datastore['URIPORT']
+        port = datastore['SRVPORT']
         resource = mod.datastore['URIPATH']
         url = "#{proto}://#{host}:#{port}#{resource}"
         urls << url
