adobe_flash_sps.rb - resource_uri vs get_resource

resource_uri will randomize the returned uri unless
datastore['URIPATH"] is set.

get_resource will return the currently used reosurce_uri

Since the incorrect type is used, this exploit is completely broken.

Tested fix with both URIPATH set to / and unset, and it works after
redirect.

Author: Ruslaideemin

modules/exploits/windows/browser/adobe_flash_sps.rb

@@ -108,8 +108,8 @@ def on_request_uri(cli, request)
 		end
 
 		# Redirect to a trailing slash so relative paths work properly
-		if resource_uri != "/" and not request.uri.index("#{resource_uri}/")
-			uri = resource_uri + "/"
+		if get_resource != "/" and not request.uri.index("#{get_resource}/")
+			uri = get_resource + "/"
 			send_redirect(cli, uri)
 			return
 		end