New upstream version 1.8.8

6045e0dd · Nong Hoang Tu · 229e1b38 · 6045e0dd · 6045e0dd · 6045e0dd
Commit 6045e0dd authored Dec 14, 2021 by Nong Hoang Tu
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
+name: Lint
+on: [pull_request]
+
+jobs:
+  lint:
+    strategy:
+      matrix:
+        python-version: ['3.10']
+        os: [ubuntu-latest]
+    runs-on: ${{ matrix.os }}
+    timeout-minutes: 30
+    steps:
+    - uses: actions/checkout@v2
+    - name: Cache for pip
+      uses: actions/cache@v1
+      id: cache-pip
+      with:
+        path: ~/.cache/pip
+        key: ${{ matrix.os }}-cache-pip
+
+    - name: Set up Python ${{ matrix.python-version }}
+      uses: actions/setup-python@v1
+      with:
+        python-version: ${{ matrix.python-version }}
+
+    - name: Critical lint
+      run: |
+        pip install flake8
+        # https://michaelcurrin.github.io/dev-cheatsheets/cheatsheets/python/linting/flake8.html
+        flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
+
+    - name: Style lint
+      run: |
+        flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --ignore=C901,W503,W504 --statistics > current.txt
+        git fetch origin
+        git checkout origin/"$GITHUB_BASE_REF"
+        flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --ignore=C901,W503,W504 --statistics > base.txt
+        if diff base.txt current.txt | grep "^> ./"; then
+          false
+        fi
--- a/.github/workflows/pylint.yml
+++ b/.github/workflows/pylint.yml
+name: PyLint
+on: [pull_request]
+
+jobs:
+  pylint:
+    strategy:
+      matrix:
+        python-version: ['3.10']
+        os: [ubuntu-latest]
+    runs-on: ${{ matrix.os }}
+    timeout-minutes: 30
+    steps:
+    - uses: actions/checkout@v2
+    - name: Cache for pip
+      uses: actions/cache@v1
+      id: cache-pip
+      with:
+        path: ~/.cache/pip
+        key: ${{ matrix.os }}-cache-pip
+
+    - name: Set up Python ${{ matrix.python-version }}
+      uses: actions/setup-python@v1
+      with:
+        python-version: ${{ matrix.python-version }}
+
+    - name: PyLint
+      run: |
+        set -x
+        pip install pylint
+        pip install --upgrade -r requirements.txt
+        # TODO: donot ignore serialization.py
+        pylint --exit-zero --errors-only --ignore=serialization.py pocsuite3 > current.txt
+        git fetch origin
+        git checkout origin/"$GITHUB_BASE_REF"
+        pylint --exit-zero --errors-only --ignore=serialization.py pocsuite3 > base.txt
+        if diff base.txt current.txt | grep "^> "; then
+          false
+        fi
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
+name: Test
+on: [pull_request]
+
+jobs:
+  test:
+    strategy:
+      matrix:
+        python-version: [3.6, '3.10']
+        os: [ubuntu-latest, macos-latest, windows-latest]
+    runs-on: ${{ matrix.os }}
+    timeout-minutes: 30
+    steps:
+    - uses: actions/checkout@v2
+    - name: Cache for pip
+      uses: actions/cache@v1
+      id: cache-pip
+      with:
+        path: ~/.cache/pip
+        key: ${{ matrix.os }}-cache-pip
+
+    - name: Set up Python ${{ matrix.python-version }}
+      uses: actions/setup-python@v1
+      with:
+        python-version: ${{ matrix.python-version }}
+
+    - name: Install dependencies & Test
+      run: |
+        pip install --upgrade -r requirements.txt
+        python setup.py install
+        python test.py
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -274,6 +274,13 @@ Cross-platform shell code generation
 * fix #228

 # version 1.8.7
+-----------------
 * fix bug
 * optimize code style & docs
 * delete the exe tool for compatibility with dfsg
+
+# version 1.8.8
+-----------------
+* rewrite multi module
+* integrate with interactsh
+* support filter poc by keyword
--- a/README.md
+++ b/README.md
@@ -30,6 +30,7 @@ It comes with a powerful proof-of-concept engine, many nice features for the ult
 * Integrate with [ZoomEye](https://www.zoomeye.org) (for load target from ZoomEye `Dork`)
 * Integrate with [Shodan](https://www.shodan.io) (for load target from Shodan `Dork`)
 * Integrate with [Ceye](http://ceye.io/) (for verify blind DNS and HTTP request)
+* Integrate with [Interactsh](https://github.com/projectdiscovery/interactsh) (for verify blind DNS and HTTP request)
 * Integrate with Fofa (for load target from Fofa `Dork`)
 * Friendly debug PoC scripts with IDEs
 * More ...
@@ -58,12 +59,40 @@ It comes with a powerful proof-of-concept engine, many nice features for the ult

 ## Installation

-The quick way:
+Paste at a terminal prompt:
+
+### Python pip
+
+``` bash
+pip3 install pocsuite3
+
+# use other pypi mirror
+pip3 install -i https://pypi.tuna.tsinghua.edu.cn/simple pocsuite3
+```
+
+### MacOS

 ``` bash
-$ pip3 install pocsuite3
+brew update
+brew info pocsuite3
+brew install pocsuite3
 ```

+### [Debian](https://tracker.debian.org/pkg/pocsuite3), [Ubuntu](https://launchpad.net/ubuntu/+source/pocsuite3), [Kali](http://pkg.kali.org/pkg/pocsuite3)
+
+``` bash
+sudo apt update
+sudo apt install pocsuite3
+```
+
+### ArchLinux
+
+``` bash
+yay pocsuite3
+```
+
+###
+
 Or click [here](https://github.com/knownsec/pocsuite3/archive/master.zip) to download the latest source zip package and extract

 ``` bash
@@ -75,7 +104,7 @@ $ python3 setup.py install
 ```


-The latest version of this software is available at: http://pocsuite.org
+The latest version of this software is available at: https://pocsuite.org

 ## Documentation

@@ -125,7 +154,7 @@ console mode
 * [Change Log](./CHANGELOG.md)
 * [Bug tracking](https://github.com/knownsec/pocsuite3/issues)
 * [Copyright](./COPYING)
-* [Pocsuite](http://pocsuite.org)
+* [Pocsuite](https://pocsuite.org)
 * [Seebug](https://www.seebug.org)
 * [ZoomEye](https://www.zoomeye.org)
 * [Knownsec](https://www.knownsec.com)
--- a/docs/CODING.md
+++ b/docs/CODING.md
@@ -157,7 +157,7 @@ from pocsuite3.lib.utils import random_str
    desc = '/api/v2.0/user/remoteserver.saml接口的name参数存在命令注入'  # 漏洞简要描述
    samples = ['http://192.168.1.1']  # 测试样列，就是用 PoC 测试成功的目标
    install_requires = ['BeautifulSoup4:bs4']  # PoC 第三方模块依赖，请尽量不要使用第三方模块，必要时请参考《PoC第三方模块依赖说明》填写
-   	pocDesc = ''' poc的用法描述 '''
+    pocDesc = ''' poc的用法描述 '''
    dork = {'zoomeye': 'deviceState.admin.hostname'}  # 搜索 dork，如果运行 PoC 时不提供目标且该字段不为空，将会调用插件从搜索引擎获取目标。
    suricata_request = '''http.uri; content: "/api/v2.0/user/remoteserver.saml";'''  # 请求流量 suricata 规则
    suricata_response = ''  # 响应流量 suricata 规则
@@ -395,7 +395,7 @@ from pocsuite3.api import OptString, OptDict, OptIP, OptPort, OptBool, OptIntege

 #### Pocsuite3 远程调用文件列表<div id="inclue_files"></div>
 部分 PoC 需要采用包含远程文件的形式，要求基于 Pocsuite3 的 PoC 统一调用统一文件(如需引用未在以下文件列表内文件，请联系 404-team@knownsec.com 或者直接提交 issue)。
-统一 URL 调用路径：`http://pocsuite.org/include_files/`，如 `http://pocsuite.org/include_files/xxe_verify.xml`
+统一 URL 调用路径：`https://pocsuite.org/include_files/`，如 `https://pocsuite.org/include_files/xxe_verify.xml`

 **文件列表**

@@ -561,7 +561,7 @@ HttpServer Demo:
 """
 If you have issues about development, please read:
 https://github.com/knownsec/pocsuite3/blob/master/docs/CODING.md
-for more about information, plz visit http://pocsuite.org
+for more about information, plz visit https://pocsuite.org
 """
 from http.server import SimpleHTTPRequestHandler


--- a/docs/USAGE.md
+++ b/docs/USAGE.md
@@ -28,7 +28,8 @@ Target:
                        Target URL (e.g. "http://www.site.com/vuln.php?id=1")
  -f URL_FILE, --file URL_FILE
                        Scan multiple targets given in a textual file
-  -r POC [POC ...]      Load POC file from local or remote from seebug website
+  -r POC [POC ...]      Load PoC file from local or remote from seebug website
+  -k POC_KEYWORD        Filter PoC by keyword, e.g. ecshop
  -c CONFIGFILE         Load options from a configuration INI file

 Mode:
@@ -49,7 +50,7 @@ Request:
  --proxy-cred PROXY_CRED
                        Proxy authentication credentials (name:password)
  --timeout TIMEOUT     Seconds to wait before timeout connection (default 30)
-  --retry RETRY         Time out retrials times.
+  --retry RETRY         Time out retrials times
  --delay DELAY         Delay between two request of one thread
  --headers HEADERS     Extra headers (e.g. "key1: value1\nkey2: value2")

@@ -76,23 +77,23 @@ Account:
 Modules:
  Modules(Seebug, Zoomeye, CEye, Fofa, Quake, Listener) options

-  --dork DORK           Zoomeye dork used for search.
+  --dork DORK           Zoomeye dork used for search
  --dork-zoomeye DORK_ZOOMEYE
-                        Zoomeye dork used for search.
+                        Zoomeye dork used for search
  --dork-shodan DORK_SHODAN
-                        Shodan dork used for search.
+                        Shodan dork used for search
  --dork-censys DORK_CENSYS
-                        Censys dork used for search.
+                        Censys dork used for search
  --dork-fofa DORK_FOFA
-                        Fofa dork used for search.
+                        Fofa dork used for search
  --dork-quake DORK_QUAKE
-                        Quake dork used for search.
-  --max-page MAX_PAGE   Max page used in search API.
+                        Quake dork used for search
+  --max-page MAX_PAGE   Max page used in search API
  --search-type SEARCH_TYPE
                        search type used in ZoomEye API, web or host
  --vul-keyword VUL_KEYWORD
-                        Seebug keyword used for search.
-  --ssv-id SSVID        Seebug SSVID number for target PoC.
+                        Seebug keyword used for search
+  --ssv-id SSVID        Seebug SSVID number for target PoC
  --lhost CONNECT_BACK_HOST
                        Connect back host for target PoC in shell mode
  --lport CONNECT_BACK_PORT
@@ -108,12 +109,12 @@ Optimization:
  --pocs-path POCS_PATH
                        User defined poc scripts path
  --threads THREADS     Max number of concurrent network requests (default 1)
-  --batch BATCH         Automatically choose defaut choice without asking.
+  --batch BATCH         Automatically choose defaut choice without asking
  --requires            Check install_requires
-  --quiet               Activate quiet mode, working without logger.
+  --quiet               Activate quiet mode, working without logger
  --ppt                 Hiden sensitive information when published to the network
  --pcap                use scapy capture flow
-  --rule                export rules, default export reqeust and response
+  --rule                export suricata rules, default export reqeust and response
  --rule-req            only export request rule
  --rule-filename RULE_FILENAME
                        Specify the name of the export rule file

--- a/manpages/poc-console.1
+++ b/manpages/poc-console.1
@@ -31,7 +31,7 @@ is maintained at:
 .I https://github.com/knownsec/pocsuite3/blob/master/docs/USAGE.md
 .PP
 .SH VERSION
-This manual page documents pocsuite3 version 1.8.7
+This manual page documents pocsuite3 version 1.8.8
 .SH AUTHOR
 .br
 (c) 2014-2021 by Knownsec 404 Team

--- a/manpages/pocsuite.1
+++ b/manpages/pocsuite.1
@@ -50,6 +50,9 @@ Scan multiple targets given in a textual file
 \fB\-r\fR POC [POC ...]
 Load POC file from local or remote from seebug website
 .TP
+\fB\-k\fR POC_KEYWORD
+Filter PoC by keyword, e.g. ecshop
+.TP
 \fB\-c\fR CONFIGFILE
 Load options from a configuration INI file
 .SS "Mode:"
@@ -90,7 +93,7 @@ Proxy authentication credentials (name:password)
 Seconds to wait before timeout connection (default 30)
 .TP
 \fB\-\-retry\fR RETRY
-Time out retrials times.
+Time out retrials times
 .TP
 \fB\-\-delay\fR DELAY
 Delay between two request of one thread
@@ -116,6 +119,9 @@ fofa user
 \fB\-\-fofa\-token\fR FOFA_TOKEN
 fofa token
 .TP
+\fB\-\-quake\-token\fR QUAKE_TOKEN
+quake token
+.TP
 \fB\-\-censys\-uid\fR CENSYS_UID
 Censys uid
 .TP
@@ -126,31 +132,31 @@ Censys secret
 Modules (Seebug, Zoomeye, CEye, Fofa, Listener) options
 .TP
 \fB\-\-dork\fR DORK
-Zoomeye dork used for search.
+Zoomeye dork used for search
 .TP
 \fB\-\-dork\-zoomeye\fR DORK_ZOOMEYE
-Zoomeye dork used for search.
+Zoomeye dork used for search
 .TP
 \fB\-\-dork\-shodan\fR DORK_SHODAN
-Shodan dork used for search.
+Shodan dork used for search
 .TP
 \fB\-\-dork\-censys\fR DORK_CENSYS
-Censys dork used for search.
+Censys dork used for search
 .TP
 \fB\-\-dork\-fofa\fR DORK_FOFA
-Fofa dork used for search.
+Fofa dork used for search
 .TP
 \fB\-\-max\-page\fR MAX_PAGE
-Max page used in search API.
+Max page used in search API
 .TP
 \fB\-\-search\-type\fR SEARCH_TYPE
 search type used in ZoomEye API, web or host
 .TP
 \fB\-\-vul\-keyword\fR VUL_KEYWORD
-Seebug keyword used for search.
+Seebug keyword used for search
 .TP
 \fB\-\-ssv\-id\fR SSVID
-Seebug SSVID number for target PoC.
+Seebug SSVID number for target PoC
 .TP
 \fB\-\-lhost\fR CONNECT_BACK_HOST
 Connect back host for target PoC in shell mode
@@ -180,13 +186,13 @@ User defined poc scripts path
 Max number of concurrent network requests (default 1)
 .TP
 \fB\-\-batch\fR BATCH
-Automatically choose defalut choice without asking.
+Automatically choose defalut choice without asking
 .TP
 \fB\-\-requires\fR
 Check install_requires
 .TP
 \fB\-\-quiet\fR
-Activate quiet mode, working without logger.
+Activate quiet mode, working without logger
 .TP
 \fB\-\-ppt\fR
 Hiden sensitive information when published to the
@@ -250,7 +256,7 @@ is maintained at:
 .I https://github.com/knownsec/pocsuite3/blob/master/docs/USAGE.md
 .PP
 .SH VERSION
-This manual page documents pocsuite3 version 1.8.7
+This manual page documents pocsuite3 version 1.8.8
 .SH AUTHOR
 .br
 (c) 2014-2021 by Knownsec 404 Team

--- a/pocsuite.ini
+++ b/pocsuite.ini
@@ -5,6 +5,8 @@ url =
 url_file = 
 ; load poc file from local or remote from seebug website
 poc = ecshop_rce.py
+; filter poc by keyword, e.g. cve-2021-22005
+poc_keyword =

 [Mode]
 ; run poc with verify mode
@@ -27,7 +29,7 @@ proxy =
 proxy_cred = 
 ; seconds to wait before timeout connection (default 30)
 timeout = 
-; time out retrials times.
+; time out retrials times
 retry =
 ; delay between two request of one thread
 delay = 
@@ -53,25 +55,25 @@ censys_uid =
 censys_secret =

 [Modules]
-; zoomeye dork used for search.
+; zoomeye dork used for search
 dork =
-; zoomeye dork used for search.
+; zoomeye dork used for search
 dork_zoomeye =
-; shodan dork used for search.
+; shodan dork used for search
 dork_shodan =
-; censys dork used for search.
+; censys dork used for search
 dork_censys =
-; fofa dork used for search.
+; fofa dork used for search
 dork_fofa =
-; quake dork used for search.
+; quake dork used for search
 dork_quake =
-; max page used in search api.
+; max page used in search api
 max_page = 1
 ; search type used in zoomeye api, web or host
 search_type = host
-; seebug keyword used for search.
+; seebug keyword used for search
 vul_keyword =
-; seebug ssvid number for target poc.
+; seebug ssvid number for target poc
 ssvid =
 ; connect back host for target poc in shell mode
 connect_back_host =
@@ -91,11 +93,11 @@ plugins =
 pocs_path =
 ; max number of concurrent network requests (default 1)
 threads = 1
-; automatically choose defaut choice without asking.
+; automatically choose defaut choice without asking
 batch = 
 ; check install_requires
 check_requires = False
-; activate quiet mode, working without logger.
+; activate quiet mode, working without logger
 quiet = False
 ; hiden sensitive information when published to the network
 ppt = False

--- a/pocsuite3/__init__.py
+++ b/pocsuite3/__init__.py
 __title__ = 'pocsuite3'
-__version__ = '1.8.7'
+__version__ = '1.8.8'
 __author__ = 'Knownsec 404 Team'
 __author_email__ = '404-team@knownsec.com'
 __license__ = 'GPLv2'

--- a/pocsuite3/api/__init__.py
+++ b/pocsuite3/api/__init__.py
@@ -28,6 +28,7 @@ from pocsuite3.modules.seebug import Seebug
 from pocsuite3.modules.shodan import Shodan
 from pocsuite3.modules.spider import crawl
 from pocsuite3.modules.zoomeye import ZoomEye
+from pocsuite3.modules.interactsh import Interactsh
 from pocsuite3.shellcodes import OSShellcodes, WebShell

 __all__ = ('requests', 'PluginBase', 'register_plugin', 'PLUGIN_TYPE',
@@ -43,7 +44,7 @@ __all__ = ('requests', 'PluginBase', 'register_plugin', 'PLUGIN_TYPE',
           'OptFloat', 'OptString', 'OptItems', 'get_middle_text',
           'generate_shellcode_list', 'random_str', 'encoder_bash_payload',
           'encoder_powershell_payload', 'get_host_ipv6', 'bind_shell',
-           'bind_tcp_shell', 'bind_telnet_shell')
+           'bind_tcp_shell', 'bind_telnet_shell', 'Interactsh')


 def get_listener_ip():

--- a/pocsuite3/lib/core/log.py
+++ b/pocsuite3/lib/core/log.py
@@ -9,6 +9,7 @@ logging.addLevelName(CUSTOM_LOGGING.ERROR, "-")
 logging.addLevelName(CUSTOM_LOGGING.WARNING, "!")

 LOGGER = logging.getLogger("pocsuite")
+sys.stdout = open(sys.stdout.fileno(), mode='w', encoding='utf8', buffering=1)
 LOGGER_HANDLER = logging.StreamHandler(sys.stdout)
 PRIMARY_FMT = (
    "%(cyan)s[%(asctime)s] %(log_color)s[%(levelname)s]%(reset)s %(message)s"

--- a/pocsuite3/lib/core/option.py
+++ b/pocsuite3/lib/core/option.py
@@ -4,13 +4,13 @@ import logging
 import os
 import re
 import socket
-import socks
 import importlib
-import prettytable
-from termcolor import colored
 from queue import Queue
 from urllib.parse import urlsplit

+import socks
+import prettytable
+from termcolor import colored
 from pocsuite3.lib.core.clear import remove_extra_log_message
 from pocsuite3.lib.core.common import boldify_message, check_file, get_file_items, parse_target, \
    get_public_type_members, data_to_stdout
@@ -213,7 +213,8 @@ def _set_multiple_targets():

    if conf.dork:
        # enable plugin 'target_from_zoomeye' by default
-        if 'target_from_shodan' not in conf.plugins and 'target_from_fofa' not in conf.plugins and 'target_from_quake' not in conf.plugins:
+        if ('target_from_shodan' not in conf.plugins and 'target_from_fofa' not in conf.plugins
+                and 'target_from_quake' not in conf.plugins):
            conf.plugins.append('target_from_zoomeye')

    if conf.dork_zoomeye:
@@ -320,44 +321,58 @@ def _set_pocs_modules():
    # load poc scripts .pyc file support
    if conf.ssvid:
        conf.plugins.append('poc_from_seebug')
+
+    if not (conf.poc or conf.vul_keyword) and conf.poc_keyword:
+        conf.poc = [paths.POCSUITE_POCS_PATH]
+
    if conf.poc:
-        # step1. load system packed poc from pocsuite3/pocs folder
        exists_poc_with_ext = list(
            filter(lambda x: x not in ['__init__.py', '__init__.pyc'], os.listdir(paths.POCSUITE_POCS_PATH)))
        exists_pocs = dict([os.path.splitext(x) for x in exists_poc_with_ext])
        for poc in conf.poc:
-            load_poc_sucess = False
-            if any([poc in exists_poc_with_ext, poc in exists_pocs]):
-                poc_name, poc_ext = os.path.splitext(poc)
-                if poc_ext in ['.py', '.pyc']:
-                    file_path = os.path.join(paths.POCSUITE_POCS_PATH, poc)
-                else:
-                    file_path = os.path.join(paths.POCSUITE_POCS_PATH, poc + exists_pocs.get(poc))
-                if file_path:
-                    info_msg = "loading PoC script '{0}'".format(file_path)
-                    logger.info(info_msg)
-                    load_poc_sucess = load_file_to_module(file_path)
-
-            # step2. load poc from given file path
+            # load poc from pocsuite3/pocs folder or other local path
            try:
-                if not load_poc_sucess:
-                    if not poc.startswith('ssvid-') and check_file(poc):
-                        info_msg = "loading PoC script '{0}'".format(poc)
-                        logger.info(info_msg)
-                        load_poc_sucess = load_file_to_module(poc)
+                _pocs = []
+                load_poc_sucess = False
+
+                if os.path.isfile(poc):
+                    _pocs.append(poc)
+
+                elif any([poc in exists_poc_with_ext, poc in exists_pocs]):
+                    poc_name, poc_ext = os.path.splitext(poc)
+                    if poc_ext in ['.py', '.pyc']:
+                        file_path = os.path.join(paths.POCSUITE_POCS_PATH, poc)
+                    else:
+                        file_path = os.path.join(paths.POCSUITE_POCS_PATH, poc + exists_pocs.get(poc))
+                    _pocs.append(file_path)
+
+                elif check_path(poc):
+                    for root, _, files in os.walk(poc):
+                        files = filter(lambda x: not x.startswith("__") and x.endswith(".py"), files)
+                        _pocs.extend(map(lambda x: os.path.join(root, x), files))
+
+                for p in _pocs:
+                    file_content = open(p, encoding='utf-8').read()
+                    if 'register_poc' not in file_content:
+                        continue
+                    if conf.poc_keyword:
+                        attr_field = re.search(r'vulID.*?def .*?\(', file_content, re.DOTALL)
+                        if attr_field and conf.poc_keyword.lower() not in attr_field.group().lower():
+                            continue
+                    info_msg = "loading PoC script '{0}'".format(p)
+                    logger.info(info_msg)
+                    load_poc_sucess = load_file_to_module(p) or load_poc_sucess
            except PocsuiteSystemException:
                logger.error('PoC file "{0}" not found'.format(repr(poc)))
                continue

-            # step3. load poc from seebug website using plugin 'poc_from_seebug'
-            if not load_poc_sucess:
-                if poc.startswith('ssvid-'):
-                    info_msg = "loading Poc script 'https://www.seebug.org/vuldb/{0}'".format(poc)
-                    logger.info(info_msg)
-                    if "poc_from_seebug" not in conf.plugins:
-                        conf.plugins.append('poc_from_seebug')
+            # load poc from seebug website using plugin 'poc_from_seebug'
+            if not load_poc_sucess and poc.startswith('ssvid-'):
+                info_msg = "loading Poc script 'https://www.seebug.org/vuldb/{0}'".format(poc)
+                logger.info(info_msg)
+                if "poc_from_seebug" not in conf.plugins:
+                    conf.plugins.append('poc_from_seebug')

-    load_keyword_poc_sucess = False
    if conf.vul_keyword:
        # step4. load poc with vul_keyword search seebug website
        info_msg = "loading PoC script from seebug website using search keyword '{0}' ".format(conf.vul_keyword)
@@ -491,6 +506,7 @@ def _set_conf_attributes():
    conf.url_file = None
    conf.mode = 'verify'
    conf.poc = None
+    conf.poc_keyword = None
    conf.cookie = None
    conf.host = None
    conf.referer = None
@@ -724,7 +740,9 @@ def init():
    update()
    _set_multiple_targets()
    _set_user_pocs_path()
-    _set_pocs_modules()  # The poc module module must be in front of the plug-in module, and some parameters in the poc option call the plug-in
+    # The poc module module must be in front of the plug-in module,
+    # and some parameters in the poc option call the plug-in
+    _set_pocs_modules()
    _set_plugins()
    _init_targets_plugins()
    _init_pocs_plugins()

--- a/pocsuite3/lib/core/optiondict.py
+++ b/pocsuite3/lib/core/optiondict.py
@@ -7,6 +7,7 @@ optDict = {
        'url': 'string',
        'url_file': 'string',
        'poc': 'string',
+        'poc_keyword': 'string',
        'configFile': 'string'
    },
    'Mode': {

--- a/pocsuite3/lib/core/settings.py
+++ b/pocsuite3/lib/core/settings.py
@@ -8,7 +8,7 @@ from pocsuite3.lib.core.revision import get_revision_number