baffle 0.2.1

data/LICENSE

@@ -0,0 +1,28 @@
+Baffle is distributed under this license:
+
+Copyright (c) 2007-2008, The Trustees of Dartmouth College.
+
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+  1. Redistributions of source code must retain the above copyright
+     notice, this list of conditions and the following disclaimer.
+  2. Redistributions in binary form must reproduce the above copyright
+     notice, this list of conditions and the following disclaimer in the
+     documentation and/or other materials provided with the distribution.
+  3. The name of the author may not be used to endorse or promote products
+     derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

data/README.markdown

@@ -0,0 +1,52 @@
+Baffle
+======
+
+Baffle is a tool for actively fingerprinting and identifying wireless devices.
+See ./tool --help for options.
+
+Compiling
+---------
+
+Because we need to be able to sniff and inject arbitrary 802.11 packets, we
+need help from a few C-libraries (see Depedencies). Before running Baffle,
+you must compile the Ruby extensions wrapping these libraries. Generally, it
+it done in the following manner:
+
+    $ ruby extconf
+    $ make
+  
+You will need to run these commands in the following directories:
+  
+  - ./lib/capture/
+  - ./lib/ruby-lorcon/
+
+Linalg depends on LAPACK, a fortran linear algebra package, and on f2c, a 
+fortran to C bridge. These can typically be installed from package management
+systems or compiled from source.
+The ruby linalg library itself is compiled with the following commands:
+
+    $ ruby install.rb configure
+    $ ruby install.rb make
+    $ sudo ruby install.rb install
+
+Once those dependencies are met, everything should work fine.
+
+Depedencies
+-----------
+
+  + C-libraries
+    - lorcon
+    - libpcap
+  
+  + Fortran libraries
+    - LAPACK
+
+  + Ruby libraries
+    - linalg (depends on the LAPACK fortran library and f2c library)
+
+License
+-------
+
+Copyright (c) 2007-2008, The Trustees of Dartmouth College.
+
+Baffle is released as open source under a BSD license. See LICENSE for details.

data/bin/baffle

@@ -0,0 +1,5 @@
+#!/usr/bin/env ruby
+
+require File.expand_path(File.join(File.dirname(__FILE__), '..', 'lib', 'baffle.rb'))
+
+Baffle.run(ARGV)

data/data/probes.yml

@@ -0,0 +1,32 @@
+probereq_flags:
+  Linksys WRT54G:
+    - [5, 3, 3, 3, 3, 2, 2, 2, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 4, 2, 2, 2, 2, 2, 2, 2, 3, 3, 4, 4, 3, 3, 3, 3, 3, 3, 5, 4, 4, 3, 2, 2, 2, 2, 2, 3, 2, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 5, 3, 3, 3, 3, 3, 3, 3, 3, 3, 5, 4, 4, 3, 3, 2, 2, 2, 2, 2, 4, 3, 3, 3, 3, 3, 3, 3, 3, 4, 5, 3, 3, 3, 3, 3, 3, 3, 4, 5, 3, 3, 3, 3, 3, 3, 3, 3, 5, 4, 3, 3, 3, 3, 3, 3, 3, 4, 5, 4, 3, 3, 3, 3, 3, 2, 2, 4, 4, 3, 3, 3, 3, 3, 3, 3, 5, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 3, 3, 3, 3, 3, 3, 3, 3, 3, 4, 3, 3, 3, 3, 3, 3, 3, 3, 5, 4, 4, 3, 3, 3, 2, 3, 3, 3, 4, 4, 3, 3, 3, 3, 3, 3, 3, 5, 3, 3, 3, 3, 3, 3, 2, 2, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 3, 3, 3, 3, 3, 3, 3, 3, 3, 4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 4, 4, 3, 3, 2, 2, 2, 2, 3]
+    - [4, 3, 3, 3, 3, 3, 3, 4, 5, 5, 4, 2, 2, 1, 1, 1, 1, 2, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 1, 1, 1, 2, 2, 3, 3, 3, 3, 3, 3, 3, 4, 4, 3, 3, 1, 1, 1, 1, 1, 1, 1, 2, 3, 3, 3, 4, 3, 3, 3, 2, 3, 3, 2, 2, 2, 2, 1, 1, 1, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 1, 1, 1, 1, 1, 1, 1, 3, 4, 3, 3, 3, 3, 3, 3, 3, 3, 4, 4, 2, 2, 2, 1, 2, 1, 2, 2, 4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 1, 1, 1, 2, 4, 3, 3, 3, 3, 3, 3, 2, 3, 3, 3, 3, 1, 1, 1, 1, 1, 0, 2, 2, 3, 3, 3, 3, 3, 3, 3, 2, 3, 2, 2, 2, 2, 2, 1, 1, 1, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 2, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 1, 1, 1, 1, 2, 3, 3, 3, 3, 3, 3, 3, 3, 2, 3, 3, 3, 2, 2, 1, 1, 1, 1, 3, 4, 4, 3, 3, 3, 3, 3, 3, 3, 4, 2, 1, 1, 1, 1, 1, 1, 2, 2, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2]
+    - [7, 6, 6, 7, 7, 7, 6, 7, 6, 6, 6, 7, 7, 7, 7, 7, 7, 7, 7, 6, 7, 7, 7, 7, 7, 6, 7, 7, 7, 5, 7, 7, 7, 7, 7, 6, 6, 7, 7, 6, 6, 7, 7, 6, 5, 7, 7, 7, 7, 6, 7, 7, 6, 7, 7, 7, 5, 7, 6, 7, 6, 7, 7, 7, 7, 6, 7, 7, 7, 7, 6, 7, 7, 6, 7, 6, 7, 6, 6, 7, 6, 6, 7, 7, 7, 7, 7, 6, 7, 7, 7, 7, 7, 7, 6, 7, 7, 7, 7, 7, 7, 7, 6, 7, 7, 7, 7, 7, 7, 7, 7, 7, 6, 7, 7, 7, 7, 6, 6, 7, 7, 7, 6, 7, 5, 7, 6, 5, 7, 7, 7, 7, 5, 7, 7, 7, 6, 7, 7, 7, 7, 7, 6, 7, 7, 7, 6, 7, 6, 6, 6, 7, 5, 7, 7, 7, 6, 7, 7, 7, 7, 6, 7, 7, 6, 7, 7, 7, 7, 7, 6, 7, 7, 7, 7, 7, 7, 6, 7, 5, 7, 7, 7, 6, 7, 5, 7, 6, 7, 6, 7, 6, 7, 7, 7, 7, 7, 7, 7, 6, 7, 7, 7, 6, 7, 7, 7, 7, 6, 7, 5, 6, 6, 6, 7, 6, 6, 6, 6, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 6, 7, 7, 7, 7, 6, 7, 7, 7, 7, 7, 7, 7, 7, 6, 7, 6, 7, 7, 7, 6, 5, 6, 7]
+    - [7, 6, 7, 7, 6, 7, 6, 6, 6, 6, 5, 6, 6, 5, 7, 7, 7, 7, 7, 7, 7, 6, 7, 7, 7, 7, 7, 6, 7, 6, 7, 6, 7, 7, 6, 7, 4, 6, 7, 7, 7, 6, 6, 6, 6, 7, 6, 6, 6, 6, 7, 4, 6, 6, 7, 7, 7, 7, 7, 6, 7, 7, 7, 7, 7, 6, 7, 7, 7, 6, 7, 6, 7, 7, 6, 6, 6, 7, 7, 7, 7, 6, 7, 7, 7, 6, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 6, 6, 6, 7, 6, 6, 6, 7, 7, 7, 7, 5, 6, 6, 6, 6, 6, 6, 7, 6, 7, 7, 7, 7, 7, 7, 7, 7, 6, 7, 6, 7, 7, 7, 6, 7, 5, 7, 6, 7, 6, 6, 5, 6, 7, 6, 6, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 6, 7, 7, 7, 7, 5, 6, 7, 6, 7, 7, 7, 5, 5, 6, 6, 7, 7, 7, 6, 6, 6, 7, 7, 6, 7, 7, 7, 7, 7, 7, 6, 7, 7, 6, 5, 7, 6, 7, 6, 7, 7, 7, 6, 6, 7, 6, 6, 7, 6, 6, 6, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 6, 7, 6, 5, 6, 7, 7, 7, 7, 5, 6, 7, 6, 7, 7, 7, 7, 7, 6, 7, 7, 5, 7, 6, 6, 6, 7, 7, 4, 7, 7, 7, 6, 7]
+  ExtraSys WAP-257:
+    - [5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0]
+    - [5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0]
+    - [7, 0, 0, 0, 0, 0, 0, 0, 9, 0, 0, 0, 0, 0, 0, 0, 7, 0, 0, 0, 0, 0, 0, 0, 9, 0, 0, 0, 0, 0, 0, 0, 9, 0, 0, 0, 0, 0, 0, 0, 8, 0, 0, 0, 0, 0, 0, 0, 9, 0, 0, 0, 0, 0, 0, 0, 7, 0, 0, 0, 0, 0, 0, 0, 9, 0, 0, 0, 0, 0, 0, 0, 8, 0, 0, 0, 0, 0, 0, 0, 9, 0, 0, 0, 0, 0, 0, 0, 6, 0, 0, 0, 0, 0, 0, 0, 9, 0, 0, 0, 0, 0, 0, 0, 9, 0, 0, 0, 0, 0, 0, 0, 11, 0, 0, 0, 0, 0, 0, 0, 11, 0, 0, 0, 0, 0, 0, 0, 9, 0, 0, 0, 0, 0, 0, 0, 9, 0, 0, 0, 0, 0, 0, 0, 9, 0, 0, 0, 0, 0, 0, 0, 6, 0, 0, 0, 0, 0, 0, 0, 11, 0, 0, 0, 0, 0, 0, 0, 7, 0, 0, 0, 0, 0, 0, 0, 7, 0, 0, 0, 0, 0, 0, 0, 11, 0, 0, 0, 0, 0, 0, 0, 9, 0, 0, 0, 0, 0, 0, 0, 7, 0, 0, 0, 0, 0, 0, 0, 7, 0, 0, 0, 0, 0, 0, 0, 6, 0, 0, 0, 0, 0, 0, 0, 9, 0, 0, 0, 0, 0, 0, 0, 11, 0, 0, 0, 0, 0, 0, 0, 7, 0, 0, 0, 0, 0, 0, 0, 9, 0, 0, 0, 0, 0, 0, 0]
+  MadWifi-ng Master Mode:
+    - [5, 0, 0, 0, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 4, 0, 0, 0, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 4, 0, 0, 0, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 4, 0, 0, 0, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 4, 0, 0, 0, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 4, 0, 0, 0, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 4, 0, 0, 0, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 4, 0, 0, 0, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]
+    - [5, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]
+    - [10, 0, 0, 0, 11, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 10, 0, 0, 0, 9, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 9, 0, 0, 0, 9, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 11, 0, 0, 0, 10, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 11, 0, 0, 0, 10, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 9, 0, 0, 0, 10, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 11, 0, 0, 0, 11, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]
+  HostAP Master Mode:
+    - [5, 5, 5, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 5, 5, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 5, 5, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 5, 5, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 5, 5, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 5, 5, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 5, 5, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 5, 5, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]
+    - [4, 4, 4, 0, 0, 0, 0, 0, 4, 0, 0, 0, 0, 0, 0, 0, 4, 4, 4, 0, 0, 0, 0, 0, 4, 0, 0, 0, 0, 0, 0, 0, 4, 4, 4, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 5, 5, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 5, 5, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 5, 5, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 5, 5, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 5, 5, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]
+
+authreq_flags:
+  Linksys WRT56G:
+    - [5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]
+    - [43, 0, 0, 0, 76, 0, 0, 0, 76, 0, 0, 0, 75, 0, 0, 0, 77, 0, 0, 0, 70, 0, 0, 0, 77, 0, 0, 0, 76, 0, 0, 0, 75, 0, 0, 0, 77, 0, 0, 0, 76, 0, 0, 0, 77, 0, 0, 0, 77, 0, 0, 0, 76, 0, 0, 0, 77, 0, 0, 0, 76, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 69, 0, 0, 0, 76, 0, 0, 0, 77, 0, 0, 0, 76, 0, 0, 0, 77, 0, 0, 0, 77, 0, 0, 0, 63, 0, 0, 0, 70, 0, 0, 0, 77, 0, 0, 0, 77, 0, 0, 0, 69, 0, 0, 0, 75, 0, 0, 0, 69, 0, 0, 0, 76, 0, 0, 0, 76, 0, 0, 0, 76, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]
+    - [43, 0, 0, 0, 69, 0, 0, 0, 77, 0, 0, 0, 76, 0, 0, 0, 76, 0, 0, 0, 76, 0, 0, 0, 77, 0, 0, 0, 77, 0, 0, 0, 77, 0, 0, 0, 77, 0, 0, 0, 77, 0, 0, 0, 70, 0, 0, 0, 77, 0, 0, 0, 76, 0, 0, 0, 77, 0, 0, 0, 77, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 69, 0, 0, 0, 76, 0, 0, 0, 77, 0, 0, 0, 77, 0, 0, 0, 77, 0, 0, 0, 76, 0, 0, 0, 77, 0, 0, 0, 77, 0, 0, 0, 77, 0, 0, 0, 77, 0, 0, 0, 77, 0, 0, 0, 77, 0, 0, 0, 75, 0, 0, 0, 77, 0, 0, 0, 75, 0, 0, 0, 77, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]
+  ExtraSys WAP-257:
+    - [5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0]
+    - [40, 0, 0, 0, 0, 0, 0, 0, 6, 0, 0, 0, 0, 0, 0, 0, 66, 0, 0, 0, 0, 0, 0, 0, 7, 0, 0, 0, 0, 0, 0, 0, 62, 0, 0, 0, 0, 0, 0, 0, 6, 0, 0, 0, 0, 0, 0, 0, 77, 0, 0, 0, 0, 0, 0, 0, 7, 0, 0, 0, 0, 0, 0, 0, 61, 0, 0, 0, 0, 0, 0, 0, 62, 0, 0, 0, 0, 0, 0, 0, 68, 0, 0, 0, 0, 0, 0, 0, 68, 0, 0, 0, 0, 0, 0, 0, 77, 0, 0, 0, 0, 0, 0, 0, 77, 0, 0, 0, 0, 0, 0, 0, 77, 0, 0, 0, 0, 0, 0, 0, 63, 0, 0, 0, 0, 0, 0, 0, 55, 0, 0, 0, 0, 0, 0, 0, 6, 0, 0, 0, 0, 0, 0, 0, 60, 0, 0, 0, 0, 0, 0, 0, 7, 0, 0, 0, 0, 0, 0, 0, 75, 0, 0, 0, 0, 0, 0, 0, 6, 0, 0, 0, 0, 0, 0, 0, 47, 0, 0, 0, 0, 0, 0, 0, 7, 0, 0, 0, 0, 0, 0, 0, 68, 0, 0, 0, 0, 0, 0, 0, 68, 0, 0, 0, 0, 0, 0, 0, 59, 0, 0, 0, 0, 0, 0, 0, 76, 0, 0, 0, 0, 0, 0, 0, 77, 0, 0, 0, 0, 0, 0, 0, 77, 0, 0, 0, 0, 0, 0, 0, 77, 0, 0, 0, 0, 0, 0, 0, 69, 0, 0, 0, 0, 0, 0, 0]
+  MadWifi-ng Master Mode:
+    - [5, 0, 0, 0, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 4, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]
+    - [22, 0, 0, 0, 22, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 22, 0, 0, 0, 20, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 22, 0, 0, 0, 22, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 21, 0, 0, 0, 22, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 22, 0, 0, 0, 21, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 20, 0, 0, 0, 13, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 16, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 20, 0, 0, 0, 22, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]
+  HostAP master mode:
+    - [5, 5, 5, 0, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 5, 5, 5, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 4, 5, 5, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 4, 5, 5, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]
+

data/lib/baffle.rb

@@ -0,0 +1,52 @@
+#!/usr/bin/env ruby
+require 'rubygems'
+require 'dot11'
+
+require File.expand_path(File.join(File.dirname(__FILE__), 'baffle', 'options'))
+require File.expand_path(File.join(File.dirname(__FILE__), 'baffle', 'probe'))
+require File.expand_path(File.join(File.dirname(__FILE__), 'baffle', 'fingerprint_diagram'))
+
+module Baffle
+  def self.run(args)
+    options = Baffle::Options.parse(args)
+    
+    options
+    
+    if options.gui?
+      require File.expand_path(File.join(File.dirname(__FILE__), 'baffle', 'gui'))
+      
+      Gui.run(options)
+    else
+      scan(options)
+    end
+  end
+  
+  def self.scan(options)
+    hypotheses = {}
+    
+    Baffle::Probes.each do |probe|
+      puts "Running probe #{probe.name}"
+      vector = probe.run(options)
+      
+      unless vector
+        warn "Probe was skipped."
+        next
+      end
+      
+      if options.fpdiagram
+        File.open("#{options.fpdiagram}#{probe.name}.svg", 'w+') do |f|
+          f << Baffle.fingerprint_diagram(vector).to_s
+        end
+      end
+      
+      puts "Vector: #{vector.inspect}"
+      
+      unless options.train?
+        hypotheses[probe.name] = probe.hypothesize(vector)
+        puts "#{probe.name} hypothesizes: #{hypotheses[probe.name]}"
+      end
+    end
+    
+    hypotheses
+  end
+end

data/lib/baffle/fingerprint_diagram.rb

@@ -0,0 +1,43 @@
+require 'rexml/document'
+
+include REXML
+
+module Baffle
+  WIDTH = 24
+  HEIGHT = 24
+  
+  def self.fingerprint_diagram(vector)
+    doc = Document.new '<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">'
+    svg = doc.add_element "svg", "width" => "100%", "viewbox" => "0 0 100 100", "version" => "1.1", "xmlns" => "http://www.w3.org/2000/svg"
+    
+    max_count = 0
+    
+    x = 0
+    
+    max_count = vector.max
+    
+    total_width = 32 * WIDTH *  1.05
+    
+    vector.each_with_index do |respond_count, flags_value|
+      alpha = (respond_count / max_count.to_f) ** 3 + 0.1
+      width = (WIDTH * alpha + 1) / total_width * 600.0
+      
+      alpha = 1 if alpha.nan?
+      width = WIDTH if width.nan?
+      
+      alpha = (respond_count > 1 ? 1 : 0.05)
+      width = 3
+      
+      ("%08d" %flags_value.to_s(2)).split(//).each_with_index do |c, i|
+        y = 1 + i * (HEIGHT + 1)
+        color = (c == "0") ? "black" : "red"
+        
+        svg.add_element "rect", "x" => x - (width / 2), "y" => y, "width" => width, "height" => HEIGHT, "style" => "fill:#{color};fill-opacity:#{alpha}"
+      end
+      
+      x += total_width / 256
+    end
+    
+    svg
+  end
+end

data/lib/baffle/gtk_queue.rb

@@ -0,0 +1,29 @@
+require 'monitor'
+
+module Gtk
+  GTK_PENDING_BLOCKS = []
+  GTK_PENDING_BLOCKS_LOCK = Monitor.new
+
+  def Gtk.queue(&block)
+    if Thread.current == Thread.main
+      block.call
+    else
+      GTK_PENDING_BLOCKS_LOCK.synchronize do
+        GTK_PENDING_BLOCKS << block
+      end
+    end
+  end
+
+  def Gtk.main_with_queue(timeout=100)
+    Gtk.timeout_add(timeout) do
+      GTK_PENDING_BLOCKS_LOCK.synchronize do
+        GTK_PENDING_BLOCKS.each { |block| block.call }
+        GTK_PENDING_BLOCKS.clear
+      end
+      
+      true
+    end
+    
+    Gtk.main
+  end
+end

data/lib/baffle/gui.glade

@@ -0,0 +1,138 @@
+<?xml version="1.0" standalone="no"?> <!--*- mode: xml -*-->
+<!DOCTYPE glade-interface SYSTEM "http://glade.gnome.org/glade-2.0.dtd">
+
+<glade-interface>
+
+<widget class="GtkWindow" id="window">
+  <property name="width_request">810</property>
+  <property name="height_request">530</property>
+  <property name="visible">True</property>
+  <property name="title" translatable="yes">Baffle</property>
+  <property name="type">GTK_WINDOW_TOPLEVEL</property>
+  <property name="window_position">GTK_WIN_POS_CENTER</property>
+  <property name="modal">False</property>
+  <property name="resizable">False</property>
+  <property name="destroy_with_parent">False</property>
+  <property name="decorated">True</property>
+  <property name="skip_taskbar_hint">False</property>
+  <property name="skip_pager_hint">False</property>
+  <property name="type_hint">GDK_WINDOW_TYPE_HINT_NORMAL</property>
+  <property name="gravity">GDK_GRAVITY_NORTH_WEST</property>
+  <property name="focus_on_map">True</property>
+  <property name="urgency_hint">False</property>
+
+  <child>
+    <widget class="GtkFixed" id="fixed1">
+      <property name="width_request">820</property>
+      <property name="height_request">500</property>
+      <property name="visible">True</property>
+
+      <child>
+	<widget class="GtkComboBoxEntry" id="mac_addresses">
+	  <property name="width_request">304</property>
+	  <property name="height_request">32</property>
+	  <property name="visible">True</property>
+	  <property name="add_tearoffs">False</property>
+	  <property name="has_frame">True</property>
+	  <property name="focus_on_click">True</property>
+	</widget>
+	<packing>
+	  <property name="x">0</property>
+	  <property name="y">8</property>
+	</packing>
+      </child>
+
+      <child>
+	<widget class="GtkNotebook" id="results">
+	  <property name="width_request">808</property>
+	  <property name="height_request">472</property>
+	  <property name="visible">True</property>
+	  <property name="can_focus">True</property>
+	  <property name="show_tabs">True</property>
+	  <property name="show_border">True</property>
+	  <property name="tab_pos">GTK_POS_TOP</property>
+	  <property name="scrollable">True</property>
+	  <property name="enable_popup">False</property>
+	</widget>
+	<packing>
+	  <property name="x">0</property>
+	  <property name="y">56</property>
+	</packing>
+      </child>
+
+      <child>
+	<widget class="GtkButton" id="load">
+	  <property name="width_request">100</property>
+	  <property name="height_request">32</property>
+	  <property name="visible">True</property>
+	  <property name="can_focus">True</property>
+	  <property name="label" translatable="yes">Load</property>
+	  <property name="use_underline">True</property>
+	  <property name="relief">GTK_RELIEF_NORMAL</property>
+	  <property name="focus_on_click">True</property>
+	  <signal name="clicked" handler="on_load_clicked" last_modification_time="Mon, 04 Aug 2008 22:12:14 GMT"/>
+	</widget>
+	<packing>
+	  <property name="x">312</property>
+	  <property name="y">8</property>
+	</packing>
+      </child>
+
+      <child>
+	<widget class="GtkButton" id="remove">
+	  <property name="width_request">100</property>
+	  <property name="height_request">32</property>
+	  <property name="visible">True</property>
+	  <property name="can_focus">True</property>
+	  <property name="label" translatable="yes">Remove</property>
+	  <property name="use_underline">True</property>
+	  <property name="relief">GTK_RELIEF_NORMAL</property>
+	  <property name="focus_on_click">True</property>
+	  <signal name="clicked" handler="on_remove_clicked" last_modification_time="Mon, 04 Aug 2008 06:20:23 GMT"/>
+	</widget>
+	<packing>
+	  <property name="x">416</property>
+	  <property name="y">8</property>
+	</packing>
+      </child>
+
+      <child>
+	<widget class="GtkButton" id="scan_all">
+	  <property name="width_request">110</property>
+	  <property name="height_request">32</property>
+	  <property name="visible">True</property>
+	  <property name="can_focus">True</property>
+	  <property name="label" translatable="yes">Scan All</property>
+	  <property name="use_underline">True</property>
+	  <property name="relief">GTK_RELIEF_NORMAL</property>
+	  <property name="focus_on_click">True</property>
+	  <signal name="clicked" handler="on_scan_all_clicked" last_modification_time="Sun, 03 Aug 2008 01:39:04 GMT"/>
+	</widget>
+	<packing>
+	  <property name="x">696</property>
+	  <property name="y">8</property>
+	</packing>
+      </child>
+
+      <child>
+	<widget class="GtkButton" id="scan_selected">
+	  <property name="width_request">110</property>
+	  <property name="height_request">32</property>
+	  <property name="visible">True</property>
+	  <property name="can_focus">True</property>
+	  <property name="label" translatable="yes">Scan Selected</property>
+	  <property name="use_underline">True</property>
+	  <property name="relief">GTK_RELIEF_NORMAL</property>
+	  <property name="focus_on_click">True</property>
+	  <signal name="clicked" handler="on_scan_selected_clicked" last_modification_time="Sun, 03 Aug 2008 01:39:08 GMT"/>
+	</widget>
+	<packing>
+	  <property name="x">584</property>
+	  <property name="y">8</property>
+	</packing>
+      </child>
+    </widget>
+  </child>
+</widget>
+
+</glade-interface>

data/lib/baffle/gui.rb

@@ -0,0 +1,169 @@
+#!/usr/bin/env ruby
+
+require 'gtk2'
+require 'libglade2'
+require 'tempfile'
+require 'thread'
+
+require File.expand_path(File.join(File.dirname(__FILE__), '..', 'baffle.rb'))
+require File.expand_path(File.join(File.dirname(__FILE__), 'gtk_queue.rb'))
+
+module Baffle
+  class Gui
+    @@glade_path = File.expand_path(File.join(File.dirname(__FILE__), 'gui.glade'))
+    
+    def initialize(options)
+      @glade = GladeXML.new(@@glade_path) { |handler| method(handler) }
+      @options = options
+      @scan_lock = Mutex.new
+      
+      @window = @glade.get_widget('window')
+      @window.signal_connect("destroy") { Gtk.main_quit }
+      
+      @mac_addresses = @glade.get_widget('mac_addresses')
+      @mac_addresses.model = Gtk::ListStore.new(String)
+      @mac_addresses.text_column = 0
+      
+      @results = @glade.get_widget('results')
+      
+      on_refresh_clicked(@mac_addresses)
+    end
+    
+    def on_refresh_clicked(widget)
+      iwlist = `iwlist #{@options.capture} scan`
+      
+      essid = nil
+      bssid = nil
+      
+      @mac_addresses.model.clear
+      
+      iwlist.each_line do |line|
+        bssid = $1 if line =~ /Cell \d+ - Address: (([0-9a-fA-F]{2}[:]){5}[0-9a-fA-F]{2})/
+        essid = $1 if line =~ /ESSID:"([^"]+)"/
+        
+        @mac_addresses.append_text("#{bssid} #{essid}") if essid 
+        
+        essid = nil
+      end
+      
+      @mac_addresses.active = 0
+    end
+    
+    def on_scan_selected_clicked(widget)
+      args = parse(@mac_addresses.active_text)
+      scan(*args) if args
+    end
+    
+    def on_scan_all_clicked(widget)
+      @mac_addresses.model.each do |model, path, iter|
+        args = parse(iter.get_value(0))
+        scan(*args) if args
+      end
+    end
+    
+    def on_remove_clicked(widget)
+      @mac_addresses.remove_text(@mac_addresses.active)
+      @mac_addresses.active = 0
+    end
+    
+    def on_load_clicked(widget)
+      dialog = Gtk::FileChooserDialog.new("Choose a Kismet CSV file", @window, Gtk::FileChooser::ACTION_OPEN, nil, [Gtk::Stock::OPEN, Gtk::Dialog::RESPONSE_ACCEPT], [Gtk::Stock::CANCEL, Gtk::Dialog::RESPONSE_CANCEL])
+      
+      if dialog.run == Gtk::Dialog::RESPONSE_ACCEPT
+        @mac_addresses.model.clear
+        
+        File.open(dialog.filename).each_line do |line|
+          num, type, essid, bssid, rest = line.split(';')
+          
+          @mac_addresses.append_text("#{bssid} #{essid}") if type == 'infrastructure' && bssid =~ /^(([0-9a-fA-F]{2}[:]){5}[0-9a-fA-F]{2})$/
+        end
+        
+        @mac_addresses.active = 0
+      end
+      
+      dialog.destroy
+    end
+    
+    private
+    
+    def parse(text)
+      return $1, $3 if text =~ /^(([0-9a-fA-F]{2}[:]){5}[0-9a-fA-F]{2}) (.*)$/
+    end
+    
+    def scan(bssid, essid)
+      progress = Gtk::ProgressBar.new
+      progress.pulse_step = 0.05
+      
+      page = Gtk::ScrolledWindow.new
+      page.add_with_viewport(Gtk::VBox.new.add(progress))
+      page.set_policy(Gtk::POLICY_NEVER, Gtk::POLICY_AUTOMATIC)
+      
+      page_label = Gtk::Label.new("#{bssid} #{essid}")
+      
+      @results.append_page(page, page_label)
+      @window.show_all
+      
+      cur_page = @results.n_pages - 1
+      updated_page = Gtk::VBox.new
+      
+      Thread.new do
+        Gtk.queue { progress.text = 'Waiting to acquire scan lock...' }
+        
+        @scan_lock.lock
+        
+        @options.essid = essid
+        @options.bssid = bssid
+        
+        Gtk.queue { @results.page = cur_page }
+        
+        progress_count = 0
+        progress_total = Baffle::Probes.total_injection_values
+        
+        Baffle::Probes.each do |probe|
+          Gtk.queue { progress.text = "Running #{probe.name} probe..." }
+          
+          vector = probe.run(@options) do
+            progress_count += 1
+            
+            Gtk.queue { progress.fraction = progress_count.to_f / progress_total.to_f }
+          end
+          
+          unless vector
+            warn "Probe was skipped."
+            next
+          end
+          
+          temp = Tempfile.new('baffle.svg')
+          temp_path = temp.path
+          temp.close!
+          
+          File.open(temp_path, 'w') do |f|
+            f << Baffle.fingerprint_diagram(vector).to_s
+          end
+
+          hypothesis = probe.hypothesize(vector)
+          
+          Gtk.queue do
+            updated_page.add(Gtk::Label.new("#{probe.name} - #{hypothesis}")).add(Gtk::Image.new(temp_path))
+          end
+        end
+        
+        Gtk.queue do
+          page.each do |child|
+            page.remove(child)
+          end
+          page.add_with_viewport(updated_page)
+          page_label.set_markup("<b>#{page_label.text}</b>")
+          @window.show_all
+        end
+        
+        @scan_lock.unlock
+      end
+    end
+    
+    def self.run(options)
+      Gui.new(options)
+      Gtk.main_with_queue
+    end
+  end
+end

data/lib/baffle/options.rb

@@ -0,0 +1,84 @@
+require 'optparse'
+
+module Baffle
+  class Options
+    attr_accessor :inject
+    attr_accessor :capture
+    attr_accessor :driver
+    attr_accessor :channel
+    attr_accessor :train
+    attr_accessor :verbose
+    attr_accessor :fpdiagram
+    attr_accessor :plot_prefix
+    attr_accessor :bssid, :essid
+    attr_accessor :gui
+    
+    def initialize
+      @inject   = 'ath0'
+      @capture  = 'ath0'
+      @driver   = 'madwifing'
+      @channel  = 11
+      @train    = false
+      @verbose  = false
+      @gui      = false
+    end
+    
+    def train?; @train == true; end
+    def verbose?; @verbose == true; end
+    def gui?; @gui == true; end
+    def interface=(value); self.inject = value; self.capture = value; end
+    
+    def self.parse(args)
+      options = Options.new
+      
+      opts = OptionParser.new do |opts|
+        opts.program_name = "baffle"
+        opts.version      = "0.2.0"
+        
+        opts.banner = "Usage: #{opts.program_name} [options] bssid essid"
+        
+        opts.separator("")
+        opts.separator("Fingerprinting options:")
+        opts.on("-i INTERFACE", "--interface INTERFACE", "The INTERFACE to use for both injection and capture (default: ath0)") { |interface| options.interface = interface }
+        opts.on("-j INTERFACE", "--inject INTERFACE", "The INTERFACE to use for injection (default: ath0)") { |interface| options.inject = interface }
+        opts.on("-c INTERFACE", "--capture INTERFACE", "The INTERFACE to use for capture (default: ath0)") { |interface| options.capture = interface }
+        opts.on("-d DRIVER", "--driver DRIVER", "The driver used for injection (default: madwifing)") { |driver| options.driver = driver }
+        opts.on("-h CHANNEL", "--channel CHANNEL", "The channel to listen on (default: 11)") { |channel| options.channel = channel.to_i }
+        
+        opts.separator("")
+        opts.separator("Output options:")
+        opts.on("-f SVGPREFIX", "--fpdiagram SVGPREFIX", "Write a fingerprint diagram for each probe used, using SVGPREFIX") { |svgprefix| options.fpdiagram = svgprefix }
+        opts.on("-p SVGPREFIX", "--plot SVGPREFIX", "Write a plot file for each probe used, using SVGPREFIX") { |svgprefix| options.plot_prefix = svgprefix }
+        
+        opts.separator("")
+        opts.separator("Training options:")
+        opts.on("-t", "--train", "Train baffle with a new device fingerprint") { options.train = true }
+        
+        opts.separator("")
+        opts.separator("Common options:")
+        opts.on("-v", "--verbose", "More detailed output") { options.verbose = true }
+        opts.on("-?", "--help", "Show this message") { puts opts.help; exit }
+        opts.on("--version", "Print the version") { puts opts.ver; exit }
+          
+        opts.separator("")
+        opts.separator("Other options:")
+        opts.on("-g", "--gui", "Show gui") { options.gui = true }
+      end
+      
+      bssid, essid = opts.parse!(args)
+      
+      if bssid =~ /^([0-9a-fA-F]{2}:){5}[0-9a-fA-F]{2}$/
+        options.bssid = bssid
+      end
+      
+      options.essid = essid
+      
+      unless options.gui? || (options.bssid && options.essid)
+        puts opts.help 
+        exit
+      end
+      
+      options
+    end
+  end
+end

data/lib/baffle/probe.rb

@@ -0,0 +1,193 @@
+require 'rubygems'
+require 'dot11'
+require 'rb-pcap'
+require 'facets/array/product'
+require 'linalg'
+require 'thread'
+require 'yaml'
+
+require File.expand_path(File.join(File.dirname(__FILE__), 'util'))
+
+module Baffle
+  module Probes
+    def self.<<(probe)
+      @probes << probe
+    end
+    
+    def self.load
+      return if @probes
+      
+      @probes = []
+      
+      Dir[File.join(File.dirname(__FILE__), "probes", "*.rb")].each do |file|
+        require File.expand_path(file)
+      end
+      
+      probe_data = YAML::load(File.open(File.join(File.dirname(__FILE__), '..', '..', 'data', 'probes.yml')))
+      
+      @probes.each do |probe|
+        next unless probe_data[probe.name]
+       
+        probe_data[probe.name].each do |name, vectors|
+          vectors.each do |vector|
+            probe.training_data[name] << vector
+          end
+        end
+      end
+      
+      @probes
+    end
+    
+    def self.each
+      self.load
+      
+      @probes.each do |probe|
+        yield probe
+      end
+    end
+    
+    def self.total_injection_values
+      self.load
+      
+      @probes.inject(0) { |sum, probe| sum += probe.injection_values.size * probe.repeats }
+    end
+  end
+  
+  class Probe
+    attr_reader :name, :training_data, :injection_values, :injection_proc, :filter_procs, :capture_procs
+    
+    def initialize(name, &block)
+      @name             = name
+      @training_data    = Hash.new {|hash, key| hash[key] = []}
+      @names            = []
+      @injection_values = nil
+      @injection_proc   = nil
+      @filter_procs     = {}
+      @capture_procs    = {}
+      @repeat           = 1
+      
+      instance_eval(&block)
+    end
+    
+    def run(options, &block)
+      unless options.train?
+        return nil unless learn
+      end
+
+      samples = []
+      
+      @repeat.times do |i|
+        samples[i] = []
+        
+        filters = {}
+        @filter_procs.each do |name, filter_proc|
+          filter = filter_proc.call(options)
+          
+          case filter
+          when Dot11::Packet
+            filter = Dot11::PacketSet.new(Dot11::Dot11, :payload => filter) if !filter.kind_of?(Dot11::Dot11)
+          when Dot11::PacketSet
+            puts "filter is Dot11::PacketSet"
+            filter = Dot11::PacketSet.new(Dot11::Dot11, :payload => filter) if filter.packet_class != Dot11::Dot11
+          end
+          
+          filters[name] = Capture::Filter.new(filter.to_filter)
+        end
+        
+        sniff_thread = Thread.new do
+          filter = filters.values.map { |filter| "(#{filter.expression})" }.join(" || ")
+          
+          Baffle::sniff(:device => options.capture, :filter => filter) do |packet|
+            filters.each do |name, filter|
+              samples[i] << @capture_procs[name].call(packet) if filter =~ packet.data
+            end
+          end
+        end
+        
+        Baffle::emit(options, @injection_proc, @injection_values, &block)
+        sniff_thread.kill
+      end
+      
+      @vector = @compute_vector.call(samples)
+    end
+    
+    def inject(car, *cdr, &block)
+      @injection_proc   = block
+      @injection_values = car.to_a rescue []
+      @injection_values = @injection_values.product(*cdr.map{ |v| v.to_a rescue []})
+    end
+    
+    def compute_vector(&block)
+      @compute_vector = block
+    end
+    
+    def filter(name, &block)
+      @filter_procs[name] = block
+    end
+    
+    def capture(name, &block)
+      @capture_procs[name] = block
+    end
+    
+    def repeat(count)
+      @repeat = count
+    end
+    
+    def repeats
+      @repeat
+    end
+    
+    # Gets called when all training samples have been loaded
+    def learn
+      # The code below assumes at least two training values, and doing it with any fewer
+      # doesn't make much sense anyway
+      return false if @training_data.size < 2
+      
+      # Doing it this way to make sure we have the same row/column order in names as we do in our matrix.
+      # (there are no guarantees that two iterations over the pairs in a hash will have the same order)
+      row_matrix, @names = @training_data.inject([[], []]) do |result, pair| 
+        result[0] += pair[1]
+        pair[1].length.times { result[1] << pair[0] }
+        result
+      end
+      
+      # We need a matrix of column vectors
+      column_matrix = row_matrix.transpose
+            
+      m = Linalg::DMatrix[*column_matrix]
+      
+      u, s, vt = m.singular_value_decomposition
+      vt = vt.transpose
+      
+      # Do we want more than 2 dimensions? TODO: test other numbers of dimensions
+      @u2 = Linalg::DMatrix.join_columns [u.column(0), u.column(1)]
+      @v2 = Linalg::DMatrix.join_columns [vt.column(0), vt.column(1)]
+      @eig2 = Linalg::DMatrix.columns [s.column(0).to_a.flatten[0,2], s.column(1).to_a.flatten[0,2]]
+      
+      true
+    end
+    
+    # Build a hash of hypotheses on the given vector, with confidence ratings on each hypothesis
+    def hypothesize(vector)
+      similarities = []
+      
+      vector_embedded = Linalg::DMatrix[vector] * @u2 * @eig2.inv
+      
+      @v2.rows.each_with_index do |row, i|
+        similarities << [@names[i], vector_embedded.transpose.dot(row.transpose) / (row.norm * vector_embedded.norm)]
+      end
+      
+      sorted_similarities = similarities.delete_if { |name, score| score.nan? }.sort_by { |name, score| -score }
+      name, score = sorted_similarities.first
+      
+      name ||= 'Unknown'
+      score ||= 'NaN'
+      
+      "#{name} (#{score})"
+    end
+  end
+end
+
+def probe(name, &block)
+  Baffle::Probes << Baffle::Probe.new(name, &block)
+end

data/lib/baffle/probes/authreq_flags.rb

@@ -0,0 +1,45 @@
+probe "authreq_flags" do
+  inject(0..255) do |options, flags|
+    local_bssid   = "ba:ad:"
+    local_bssid  << options.bssid.slice(-5..-1)
+    local_bssid  << ":00:"
+    local_bssid  << "00#{flags.to_s(16)}".slice(-2..-1)
+    
+    Dot11::Dot11.new(:subtype =>   0xb,
+                     :type =>      0x0,
+                     :version =>   0x0,
+                     :flags =>     flags,
+                     :duration =>  0x0000,
+                     :addr1 =>     options.bssid,
+                     :addr2 =>     local_bssid,
+                     :addr3 =>     options.bssid,
+                     :sc =>        0x0000, # This is auto-filled in by the driver.
+                     :payload =>   Dot11::Dot11::Dot11Auth.new(:algo   => 0x0000,
+                                                               :seqnum => 0x0001,
+                                                               :status => 0x0000)) 
+  end
+  
+  filter :subtype_addr1 do |options|
+    local_bssid   = "ba:ad:"
+    local_bssid  << options.bssid.slice(-5..-1)
+    local_bssid  << ":00:00/32"
+    
+    Dot11::Dot11.new(:type => 0, :subtype => 0xb, :addr1 => local_bssid)
+  end
+  
+  capture :subtype_addr1 do |packet|
+    packet.addr1.to_i & 0xff
+  end
+  
+  compute_vector do |samples|
+    vector = Array.new(256, 0)
+    
+    samples.each do |sample|
+      sample.each do |flags|
+        vector[flags] += 1
+      end
+    end
+    
+    vector
+  end
+end

data/lib/baffle/probes/probereq_flags.rb

@@ -0,0 +1,51 @@
+probe "probereq_flags" do
+  inject(0..255) do |options, flags|
+    local_bssid   = "f0:0d:"
+    local_bssid  << options.bssid.slice(-5..-1)
+    local_bssid  << ":00:"
+    local_bssid  << "00#{flags.to_s(16)}".slice(-2..-1)
+    
+    Dot11::Dot11.new(:subtype =>  0x4,
+                     :type =>     0x0,
+                     :version =>  0x0,
+                     :flags =>    flags,
+                     :duration => 0x0000,
+                     :addr1 =>    options.bssid,
+                     :addr2 =>    local_bssid,
+                     :addr3 =>    options.bssid,
+                     :sc =>       0x0000, # This is auto-filled in by the driver.
+                     :payload =>  Dot11::Dot11::Dot11ProbeReq.new /
+                                  Dot11::Dot11::Dot11Elt.new(
+                                    :id =>           0x00,
+                                    :info_length =>  options.essid.length,
+                                    :info =>         options.essid) /
+                                  Dot11::Dot11::Dot11Elt.new(
+                                    :id =>           0x01,
+                                    :info_length =>  0x08,
+                                    :info =>         [0x82, 0x84, 0x0b, 0x16, 0x0c, 0x12, 0x18, 0x24].pack("c*")))
+  end
+  
+  filter :subtype_addr1 do |options|
+    local_bssid   = "f0:0d:"
+    local_bssid  << options.bssid.slice(-5..-1)
+    local_bssid  << ":00:00/32"
+    
+    Dot11::Dot11.new(:type => 0, :subtype => 0x5, :addr1 => local_bssid)
+  end
+  
+  capture :subtype_addr1 do |packet|
+    packet.addr1.to_i & 0xff
+  end
+  
+  compute_vector do |samples|
+    vector = Array.new(256, 0)
+    
+    samples.each do |sample|
+      sample.each do |flags|
+        vector[flags] += 1
+      end
+    end
+    
+    vector
+  end
+end

data/lib/baffle/util.rb

@@ -0,0 +1,36 @@
+require 'rubygems'
+require 'rb-pcap'
+require 'rb-lorcon'
+
+module Baffle
+  def self.emit(options, injection_proc, injection_values)
+    @device = Lorcon::Device.new(options.inject, options.driver)
+    @device.fmode      = "INJMON"
+    @device.channel    = options.channel
+    
+    injection_values << [nil] if injection_values.empty?
+
+    injection_values.each do |args|
+      packet = injection_proc.call(options, *args)
+      yield packet if block_given?
+      send_p(packet.data)
+      sleep 0.05
+    end
+  end  
+  
+  def self.send_p(packet)
+    @device.write(packet, 1, 0)
+  end
+  
+  def self.sniff(*params)
+    Capture.open(*params) do |capture|
+      capture.each do |packet|
+        packet = packet[0..-5]
+        packet = Dot11::Radiotap.new(packet)
+        packet = packet.payload
+
+        yield packet        
+      end
+    end
+  end
+end

metadata

@@ -0,0 +1,108 @@
+--- !ruby/object:Gem::Specification 
+name: baffle
+version: !ruby/object:Gem::Version 
+  version: 0.2.1
+platform: ruby
+authors: 
+- Cory T. Cornelius
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2008-08-02 00:00:00 -04:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: rb-lorcon
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 0.1.0
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: rb-pcap
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 0.1.0
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: dot11
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 0.1.0
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: facets
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 2.4.1
+    version: 
+description: See README.markdown for more information.
+email: 
+- cory.t.cornelius@dartmouth.edu
+executables: 
+- baffle
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- README.markdown
+- LICENSE
+- bin/baffle
+- lib/baffle.rb
+- lib/baffle/fingerprint_diagram.rb
+- lib/baffle/gtk_queue.rb
+- lib/baffle/options.rb
+- lib/baffle/probe.rb
+- lib/baffle/util.rb
+- lib/baffle/gui.rb
+- lib/baffle/gui.glade
+- lib/baffle/probes/authreq_flags.rb
+- lib/baffle/probes/probereq_flags.rb
+- data/probes.yml
+has_rdoc: true
+homepage: http://baffle.cs.dartmouth.edu/
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.5
+signing_key: 
+specification_version: 3
+summary: A Behavioral Active Fingerprinting tool for 802.11 APs, operating entirely within the Link Layer.
+test_files: []
+