Why exactly does the capture http module in metasploit serve iframe elements to common sites on every request?
Let's say you have a setup that redirects all http traffic to your local machine, when someone does an http request your machine take the connection, metasploit serves the template and the iframe's get redirected to you as well. The problem with this is these subsequent requests get served the same template so you get some nasty recursion that takes down the browser.
The alternative is to just redirect a single http connection to your site, in this case you never see the requests generated by the template so it has no real purpose.
The way that makes sense is to serve the template only on the first request from an ip and only serve 404 messages for any subsequent requests.
In short, am I completely missing something?