pwn 0.5.506 → 0.5.507

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ff5a5cd8f4d9e0ce9d23468de01cb6c0f685ed4c9541e08af39dcb05b8c50d67
-  data.tar.gz: e9afe048562d6d832972c9990a24db2b78a6d5c76e95959079ac4412e959c152
+  metadata.gz: f5f3b2e3e72d554719b28120d3ccb558d563b5d0d70ca79425994eaf20977bc7
+  data.tar.gz: 2a59f3fb5bbe1b66192ebd4c4cd7c6528ead94ffb06770089aaff9806dc83130
 SHA512:
-  metadata.gz: 30d268063617d51deeed10b035ed8566913eebf114247ea8f4d988347a447faff622105e032f103ece1a56a69145e8ade0a79a6c9b0ec183f075065ca9d25818
-  data.tar.gz: 1c8deccd120888637f7a257cd3304374caac61bb9276a6f48b7c20a68e00087a7ec952a2c823745e62aa87c720c478b99f69e367ad95151365d06f644cfd49a0
+  metadata.gz: 846169897acd7a88a03c71c65f08e1502ad13ab98538000cf613ad9ff0d43844631510ffb75b32f186e6aca75df0761a92cb030c7014466f7c93e3826d1dae1d
+  data.tar.gz: 4974d662081fdc274fc8332265fcc41c5b51a8fcd9de3794641f46719002db226c1659bea12d19969bb5b1ef3ab3d93d088a16885de6a337ee6ab1cff86a9224

data/Gemfile

@@ -38,7 +38,7 @@ gem 'gem-wrappers', '1.4.0'
 gem 'geocoder', '1.8.6'
 gem 'gist', '6.0.0'
 gem 'gruff', '0.29.0'
-gem 'htmlentities', '4.3.4'
+gem 'htmlentities', '4.4.2'
 gem 'ipaddress', '0.8.3'
 gem 'jenkins_api_client2', '1.9.0'
 gem 'js-beautify', '0.1.8'
@@ -90,7 +90,7 @@ gem 'rvm', '1.11.3.9'
 gem 'savon', '2.15.1'
 gem 'selenium-devtools', '0.142.0'
 gem 'selenium-webdriver', '4.38.0'
-gem 'slack-ruby-client', '3.0.0'
+gem 'slack-ruby-client', '3.1.0'
 gem 'socksify', '1.8.1'
 gem 'spreadsheet', '1.3.4'
 gem 'sqlite3', '2.8.0'

data/README.md

@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.506]:001 >>> PWN.help
+pwn[v0.5.507]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.4@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.506]:001 >>> PWN.help
+pwn[v0.5.507]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.4@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.506]:001 >>> PWN.help
+pwn[v0.5.507]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`.  The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:

data/bin/pwn_gqrx_scanner

@@ -9,8 +9,8 @@ PWN::Driver::Parser.new do |options|
     opts[:profile] = p
   end
 
-  options.on('-l', '--list-profiles', '<Optional - List supported profiles and exit>') do |l|
-    opts[:list_profiles] = l
+  options.on('-l', '--list-scan-profiles', '<Optional - List supported scan profiles and exit>') do |l|
+    opts[:list_scan_profiles] = l
   end
 
   options.on('-tFREQ', '--target-freq=FREQ', '<Required if "--assume-profile" is Nil - Frequency to Conclude Scanning (e.g. 900.000.000 == 900 mHz>') do |e|
@@ -74,15 +74,15 @@ begin
   pwn_provider = 'ruby-gem'
   pwn_provider = ENV.fetch('PWN_PROVIDER') if ENV.keys.any? { |s| s == 'PWN_PROVIDER' }
 
-  list_profiles = opts[:list_profiles]
-  if list_profiles
-    profiles_available = PWN::Plugins::GQRX.list_profiles
+  list_scan_profiles = opts[:list_scan_profiles]
+  if list_scan_profiles
+    profiles_available = PWN::SDR::GQRX.list_scan_profiles
     puts JSON.pretty_generate(profiles_available)
     exit 0
   end
 
   profile = opts[:profile]
-  opts = PWN::Plugins::GQRX.assume_profile(profile: profile) unless profile.nil?
+  opts = PWN::SDR::GQRX.assume_profile(profile: profile) unless profile.nil?
 
   target_freq = opts[:target_freq]
   target_freq = target_freq.to_s.delete('.') unless target_freq.nil?
@@ -93,13 +93,13 @@ begin
   port = opts[:port]
 
   puts "Connecting to GQRX at #{host}:#{port}..."
-  gqrx_sock = PWN::Plugins::GQRX.connect(target: host, port: port)
+  gqrx_sock = PWN::SDR::GQRX.connect(target: host, port: port)
 
   start_freq = opts[:start_freq]
   start_freq = start_freq.to_s.delete('.') unless start_freq.nil?
   start_freq = start_freq.to_i
   if start_freq.zero?
-    start_freq = PWN::Plugins::GQRX.gqrx_cmd(
+    start_freq = PWN::SDR::GQRX.gqrx_cmd(
       gqrx_sock: gqrx_sock, cmd: 'f',
       resp_ok: 'RPRT 0'
     ).to_i
@@ -115,7 +115,7 @@ begin
 
   puts "Setting demodulator mode to #{demodulator_mode} and bandwidth to #{bandwidth}..."
   bandwidth = bandwidth.to_s.delete('.').to_i unless bandwidth.nil?
-  demod_resp = PWN::Plugins::GQRX.gqrx_cmd(
+  demod_resp = PWN::SDR::GQRX.gqrx_cmd(
     gqrx_sock: gqrx_sock,
     cmd: "M #{demodulator_mode} #{bandwidth}",
     resp_ok: 'RPRT 0'
@@ -123,7 +123,7 @@ begin
 
   audio_gain_db = opts[:audio_gain_db] ||= 1.0
   audio_gain_db = audio_gain_db.to_f
-  audio_gain_db_resp = PWN::Plugins::GQRX.gqrx_cmd(
+  audio_gain_db_resp = PWN::SDR::GQRX.gqrx_cmd(
     gqrx_sock: gqrx_sock,
     cmd: "L AF #{audio_gain_db}",
     resp_ok: 'RPRT 0'
@@ -131,7 +131,7 @@ begin
 
   squelch = opts[:squelch] ||= -63.0
   squelch = squelch.to_f
-  squelch_resp = PWN::Plugins::GQRX.gqrx_cmd(
+  squelch_resp = PWN::SDR::GQRX.gqrx_cmd(
     gqrx_sock: gqrx_sock,
     cmd: "L SQL #{squelch}",
     resp_ok: 'RPRT 0'
@@ -149,7 +149,7 @@ begin
 
   rf_gain = opts[:rf_gain] ||= 0.0
   rf_gain = rf_gain.to_f
-  rf_gain_resp = PWN::Plugins::GQRX.gqrx_cmd(
+  rf_gain_resp = PWN::SDR::GQRX.gqrx_cmd(
     gqrx_sock: gqrx_sock,
     cmd: "L RF_GAIN #{rf_gain}",
     resp_ok: 'RPRT 0'
@@ -157,7 +157,7 @@ begin
 
   intermediate_gain = opts[:intermediate_gain] ||= 32.0
   intermediate_gain = intermediate_gain.to_f
-  intermediate_resp = PWN::Plugins::GQRX.gqrx_cmd(
+  intermediate_resp = PWN::SDR::GQRX.gqrx_cmd(
     gqrx_sock: gqrx_sock,
     cmd: "L IF_GAIN #{intermediate_gain}",
     resp_ok: 'RPRT 0'
@@ -165,7 +165,7 @@ begin
 
   baseband_gain = opts[:baseband_gain] ||= 10.0
   baseband_gain = baseband_gain.to_f
-  baseband_resp = PWN::Plugins::GQRX.gqrx_cmd(
+  baseband_resp = PWN::SDR::GQRX.gqrx_cmd(
     gqrx_sock: gqrx_sock,
     cmd: "L BB_GAIN #{baseband_gain}",
     resp_ok: 'RPRT 0'
@@ -175,7 +175,7 @@ begin
   t_freq_pretty = target_freq.to_s.chars.insert(-4, '.').insert(-8, '.').join
   puts "*** Scanning from #{s_freq_pretty} to #{t_freq_pretty}\n\n\n"
 
-  PWN::Plugins::GQRX.scan_range(
+  PWN::SDR::GQRX.scan_range(
     gqrx_sock: gqrx_sock,
     demodulator_mode: demodulator_mode,
     bandwidth: bandwidth,
@@ -192,5 +192,5 @@ rescue StandardError => e
 rescue Interrupt, SystemExit
   puts "\nGoodbye."
 ensure
-  gqrx_sock = PWN::Plugins::GQRX.disconnect(gqrx_sock: gqrx_sock) unless gqrx_sock.nil?
+  gqrx_sock = PWN::SDR::GQRX.disconnect(gqrx_sock: gqrx_sock) unless gqrx_sock.nil?
 end

data/bin/pwn_serial_son_micro_sm132_rfid

@@ -44,7 +44,7 @@ begin
   parity = opts[:parity]
   flow_control = opts[:flow_control]
 
-  son_micro_rfid_obj = PWN::Plugins::SonMicroRFID.connect(
+  son_micro_rfid_obj = PWN::SDR::SonMicroRFID.connect(
     block_dev: block_dev,
     baud: baud,
     data_bits: data_bits,
@@ -60,7 +60,7 @@ begin
     puts "Signals: #{son_micro_rfid_obj[:serial_conn].signals}"
   end
 
-  exec_resp = PWN::Plugins::SonMicroRFID.exec(
+  exec_resp = PWN::SDR::SonMicroRFID.exec(
     son_micro_rfid_obj: son_micro_rfid_obj,
     cmd: :firmware
   )
@@ -76,7 +76,7 @@ begin
   menu_msg = ''
   loop do
     unless menu_msg.include?('ERROR')
-      exec_resp = PWN::Plugins::SonMicroRFID.exec(
+      exec_resp = PWN::SDR::SonMicroRFID.exec(
         son_micro_rfid_obj: son_micro_rfid_obj,
         cmd: :antenna_power,
         params: :on
@@ -100,7 +100,7 @@ begin
     when :R
       menu_msg = 'READ TAG'
       begin
-        rfid_data = PWN::Plugins::SonMicroRFID.read_tag(son_micro_rfid_obj: son_micro_rfid_obj)
+        rfid_data = PWN::SDR::SonMicroRFID.read_tag(son_micro_rfid_obj: son_micro_rfid_obj)
         puts "\nRFID Data:"
         puts "Tag ID: #{rfid_data[:tag_id]}"
         puts "Block Data: #{rfid_data[:block_data]}" if rfid_data[:block_data]
@@ -110,7 +110,7 @@ begin
     when :B
       menu_msg = 'BACKUP TAG TO FILE'
       begin
-        rfid_data = PWN::Plugins::SonMicroRFID.backup_tag(son_micro_rfid_obj: son_micro_rfid_obj)
+        rfid_data = PWN::SDR::SonMicroRFID.backup_tag(son_micro_rfid_obj: son_micro_rfid_obj)
         puts "\nBackup successful. RFID Data:"
         puts "Tag ID: #{rfid_data[:tag_id]}"
         puts "Block Data: #{rfid_data[:block_data]}" if rfid_data[:block_data]
@@ -123,7 +123,7 @@ begin
       next unless gets.chomp.strip.upcase == 'Y'
 
       begin
-        rfid_data = PWN::Plugins::SonMicroRFID.clone_tag(son_micro_rfid_obj: son_micro_rfid_obj)
+        rfid_data = PWN::SDR::SonMicroRFID.clone_tag(son_micro_rfid_obj: son_micro_rfid_obj)
         puts "\nClone successful. RFID Data:"
         puts "Tag ID: #{rfid_data[:tag_id]}"
         puts "Block Data: #{rfid_data[:block_data]}" if rfid_data[:block_data]
@@ -136,7 +136,7 @@ begin
       next unless gets.chomp.strip.upcase == 'Y'
 
       begin
-        rfid_data = PWN::Plugins::SonMicroRFID.load_tag_from_file(son_micro_rfid_obj: son_micro_rfid_obj)
+        rfid_data = PWN::SDR::SonMicroRFID.load_tag_from_file(son_micro_rfid_obj: son_micro_rfid_obj)
         puts "\nLoad successful. RFID Data:"
         puts "Tag ID: #{rfid_data[:tag_id]}"
         puts "Block Data: #{rfid_data[:block_data]}" if rfid_data[:block_data]
@@ -149,7 +149,7 @@ begin
       next unless gets.chomp.strip.upcase == 'Y'
 
       begin
-        rfid_data = PWN::Plugins::SonMicroRFID.update_tag(son_micro_rfid_obj: son_micro_rfid_obj)
+        rfid_data = PWN::SDR::SonMicroRFID.update_tag(son_micro_rfid_obj: son_micro_rfid_obj)
         puts "\nUpdate successful. RFID Data:"
         puts "Tag ID: #{rfid_data[:tag_id]}"
         puts "Block Data: #{rfid_data[:block_data]}" if rfid_data[:block_data]
@@ -159,7 +159,7 @@ begin
     when :W
       menu_msg = 'WARM RESET'
       begin
-        exec_resp = PWN::Plugins::SonMicroRFID.exec(
+        exec_resp = PWN::SDR::SonMicroRFID.exec(
           son_micro_rfid_obj: son_micro_rfid_obj,
           cmd: :reset
         )
@@ -171,7 +171,7 @@ begin
       exit
     else
       menu_msg = '****** ERROR: Invalid Menu Option Selected ******'
-      exec_resp = PWN::Plugins::SonMicroRFID.exec(
+      exec_resp = PWN::SDR::SonMicroRFID.exec(
         son_micro_rfid_obj: son_micro_rfid_obj,
         cmd: :antenna_power,
         params: :off
@@ -184,5 +184,5 @@ rescue StandardError => e
 rescue SystemExit, Interrupt
   puts "\nGoodbye."
 ensure
-  PWN::Plugins::SonMicroRFID.disconnect(son_micro_rfid_obj: son_micro_rfid_obj) if son_micro_rfid_obj
+  PWN::SDR::SonMicroRFID.disconnect(son_micro_rfid_obj: son_micro_rfid_obj) if son_micro_rfid_obj
 end

data/lib/pwn/ai.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module PWN
-  # This file, using the autoload directive loads SP plugins
+  # This file, using the autoload directive loads AI modules
   # into memory only when they're needed. For more information, see:
   # http://www.rubyinside.com/ruby-techniques-revealed-autoload-1652.html
   module AI

data/lib/pwn/aws.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module PWN
-  # This file, using the autoload directive loads SP aws
+  # This file, using the autoload directive loads AWS modules
   # into memory only when they're needed. For more information, see:
   # http://www.rubyinside.com/ruby-techniques-revealed-autoload-1652.html
   module AWS

data/lib/pwn/banner.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module PWN
-  # This file, using the autoload directive loads SP reports
+  # This file, using the autoload directive loads Banner modules
   # into memory only when they're needed. For more information, see:
   # http://www.rubyinside.com/ruby-techniques-revealed-autoload-1652.html
   module Banner

data/lib/pwn/blockchain.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module PWN
-  # This file, using the autoload directive loads SP plugins
+  # This file, using the autoload directive loads Blockchain modules
   # into memory only when they're needed. For more information, see:
   # http://www.rubyinside.com/ruby-techniques-revealed-autoload-1652.html
   module Blockchain

data/lib/pwn/ffi.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module PWN
-  # This file, using the autoload directive loads SP reports
+  # This file, using the autoload directive loads FFI modules
   # into memory only when they're needed. For more information, see:
   # http://www.rubyinside.com/ruby-techniques-revealed-autoload-1652.html
   module FFI

data/lib/pwn/plugins/burp_suite.rb

@@ -265,13 +265,13 @@ module PWN
               end
             end
           rescue Errno::ECONNREFUSED
-            puts 'BurpSuite AI Introspection Thread >>> Terminating API Calls...'
+            puts "BurpSuite:#{type} AI Introspection Thread >>> Terminating API Calls..."
           rescue StandardError => e
             puts "BurpSuite AI Introspection Thread Error: #{e}"
             puts e.backtrace
             raise e
           ensure
-            puts 'BurpSuite AI Introspection Thread >>> Goodbye.'
+            puts "BurpSuite:#{type} AI Introspection Thread >>> Goodbye."
           end
 
           burp_obj[:introspection_threads] = introspection_thread_arr.push(introspection_thread)

data/lib/pwn/plugins.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module PWN
-  # This file, using the autoload directive loads SP plugins
+  # This file, using the autoload directive loads Plugins modules
   # into memory only when they're needed. For more information, see:
   # http://www.rubyinside.com/ruby-techniques-revealed-autoload-1652.html
   module Plugins
@@ -25,11 +25,9 @@ module PWN
     autoload :DetectOS, 'pwn/plugins/detect_os'
     autoload :EIN, 'pwn/plugins/ein'
     autoload :FileFu, 'pwn/plugins/file_fu'
-    autoload :FlipperZero, 'pwn/plugins/flipper_zero'
     autoload :Fuzz, 'pwn/plugins/fuzz'
     autoload :Git, 'pwn/plugins/git'
     autoload :Github, 'pwn/plugins/github'
-    autoload :GQRX, 'pwn/plugins/gqrx'
     autoload :HackerOne, 'pwn/plugins/hacker_one'
     autoload :Hunter, 'pwn/plugins/hunter'
     autoload :IPInfo, 'pwn/plugins/ip_info'
@@ -47,8 +45,6 @@ module PWN
     autoload :NmapIt, 'pwn/plugins/nmap_it'
     autoload :OAuth2, 'pwn/plugins/oauth2'
     autoload :OCR, 'pwn/plugins/ocr'
-    autoload :Ollama, 'pwn/plugins/ollama'
-    autoload :OpenAI, 'pwn/plugins/open_ai'
     autoload :OpenAPI, 'pwn/plugins/open_api'
     autoload :OpenVAS, 'pwn/plugins/openvas'
     autoload :Packet, 'pwn/plugins/packet'
@@ -57,13 +53,11 @@ module PWN
     autoload :PS, 'pwn/plugins/ps'
     autoload :RabbitMQ, 'pwn/plugins/rabbit_mq'
     autoload :REPL, 'pwn/plugins/repl'
-    autoload :RFIDler, 'pwn/plugins/rfidler'
     autoload :ScannableCodes, 'pwn/plugins/scannable_codes'
     autoload :Serial, 'pwn/plugins/serial'
     autoload :Shodan, 'pwn/plugins/shodan'
     autoload :SlackClient, 'pwn/plugins/slack_client'
     autoload :Sock, 'pwn/plugins/sock'
-    autoload :SonMicroRFID, 'pwn/plugins/son_micro_rfid'
     autoload :Spider, 'pwn/plugins/spider'
     autoload :SSN, 'pwn/plugins/ssn'
     autoload :ThreadPool, 'pwn/plugins/thread_pool'

data/lib/pwn/reports.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module PWN
-  # This file, using the autoload directive loads SP reports
+  # This file, using the autoload directive loads Report modules
   # into memory only when they're needed. For more information, see:
   # http://www.rubyinside.com/ruby-techniques-revealed-autoload-1652.html
   module Reports

data/lib/pwn/sast.rb

@@ -1,8 +1,8 @@
 # frozen_string_literal: true
 
 module PWN
-  # This file, using the autoload directive loads SP static code analysis
-  # modules into memory only when they're needed. For more information, see:
+  # This file, using the autoload directive loads SAST modules
+  # into memory only when they're needed. For more information, see:
   # http://www.rubyinside.com/ruby-techniques-revealed-autoload-1652.html
   module SAST
     # Zero False Negative SAST Modules

data/lib/pwn/sdr/decoder/gsm.rb

@@ -0,0 +1,200 @@
+# frozen_string_literal: true
+
+module PWN
+  module SDR
+    module Decoder
+      # SDR Decoder for GSM signals.
+      module GSM
+        POWER_THRESHOLD = 0.1
+        SLEEP_INTERVAL = 0.1
+        HEADER_SIZE = 44
+        BURST_DURATION_SEC = 0.000577
+
+        # TSC 0 binary sequence (26 bits): 00100101110000101010011011
+        TSC_0 = [0, 0, 1, 0, 0, 1, 0, 1, 1, 1, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 1, 0, 1, 1].freeze
+
+        # Starts the live decoding thread.
+        def self.start(opts = {})
+          gqrx_obj = opts[:gqrx_obj]
+          raise ':ERROR: :gqrx_obj is required' unless gqrx_obj.is_a?(Hash)
+
+          record_path = gqrx_obj[:record_path]
+          frequency = gqrx_obj[:frequency]
+          sample_rate = gqrx_obj[:bandwidth].to_i
+          gqrx_sock = gqrx_obj[:gqrx_sock]
+
+          gqrx_obj[:decoder_stop_flag] ||= [false]
+
+          sleep 0.1 until File.exist?(record_path)
+
+          header = File.binread(record_path, HEADER_SIZE)
+          raise 'Invalid WAV header' unless header.start_with?('RIFF') && header.include?('WAVE')
+
+          bytes_read = HEADER_SIZE
+
+          puts "GSM Decoder started for frequency: #{frequency}, sample_rate: #{sample_rate}"
+
+          Thread.new do
+            loop do
+              break if gqrx_obj[:decoder_stop_flag][0]
+
+              current_size = File.size(record_path)
+              if current_size > bytes_read
+                new_bytes = current_size - bytes_read
+                # Ensure full I/Q pairs (8 bytes)
+                new_bytes -= new_bytes % 8
+                data = File.binread(record_path, new_bytes, bytes_read)
+                process_chunk(
+                  data: data,
+                  sample_rate: sample_rate,
+                  frequency: frequency
+                )
+                bytes_read = current_size
+              end
+
+              sleep SLEEP_INTERVAL
+            end
+          rescue StandardError => e
+            puts "Decoder error: #{e.message}"
+          ensure
+            cleanup(record_path: record_path)
+          end
+        end
+
+        # Stops the decoding thread.
+        def self.stop(opts = {})
+          thread = opts[:thread]
+          gqrx_obj = opts[:gqrx_obj]
+          raise ':ERROR: :thread and :gqrx_obj are required' unless thread && gqrx_obj.is_a?(Hash)
+
+          gqrx_obj[:decoder_stop_flag][0] = true
+          thread.join(1.0)
+        end
+
+        class << self
+          private
+
+          def process_chunk(opts = {})
+            data = opts[:data]
+            sample_rate = opts[:sample_rate]
+            frequency = opts[:frequency]
+            raise ':ERROR: :data, :sample_rate, and :frequency are required' unless data && sample_rate && frequency
+
+            samples = data.unpack('f< *')
+            return if samples.length.odd? # Skip incomplete
+
+            complex_samples = []
+            (0...samples.length).step(2) do |i|
+              complex_samples << Complex(samples[i], samples[i + 1])
+            end
+
+            window_size = [(sample_rate * BURST_DURATION_SEC).round, complex_samples.length].min
+            return if window_size <= 0
+
+            # Simplified power on sliding windows
+            powers = []
+            complex_samples.each_cons(window_size) do |window|
+              power = window.map { |c| c.abs**2 }.sum / window_size
+              powers << power
+            end
+
+            max_power = powers.max
+            return unless max_power > POWER_THRESHOLD
+
+            # Demod the entire chunk (assume burst-aligned roughly)
+            bits = demod_gmsk(complex_samples)
+            # Synchronize via TSC correlation
+            sync_offset = find_tsc_offset(bits, TSC_0)
+            return unless sync_offset >= 0
+
+            # Extract data bits from normal burst structure
+            burst_start = sync_offset - 58 # TSC starts at symbol 58 (0-index)
+            return unless burst_start >= 0 && burst_start + 148 <= bits.length
+
+            data_bits = extract_data_bits(bits, burst_start)
+            puts "Burst synchronized at offset #{sync_offset} for #{frequency} Hz (power: #{max_power.round(4)})"
+            decode_imsi(
+              data_bits: data_bits,
+              frequency: frequency
+            )
+          end
+
+          def demod_gmsk(complex_samples)
+            return [] if complex_samples.length < 2
+
+            bits = []
+            (1...complex_samples.length).each do |i|
+              prod = complex_samples[i] * complex_samples[i - 1].conj
+              # Sign of imaginary part for quadrature differential
+              bit = (prod.imag >= 0 ? 0 : 1) # Or adjust polarity
+              bits << bit
+            end
+            bits
+          end
+
+          def find_tsc_offset(bits, tsc)
+            max_corr = -1
+            best_offset = -1
+            tsc_length = tsc.length # 26
+            (0...(bits.length - tsc_length + 1)).each do |offset|
+              window = bits[offset, tsc_length]
+              corr = window.zip(tsc).count { |b1, b2| b1 == b2 }
+              if corr > max_corr
+                max_corr = corr
+                best_offset = offset
+              end
+            end
+            # Threshold: e.g., >20 matches for good sync
+            max_corr > 20 ? best_offset : -1
+          end
+
+          # Extract 114 data bits from normal burst (ignoring tails/guard)
+          def extract_data_bits(bits, burst_start)
+            data1_start = burst_start + 2
+            data2_start = burst_start + 88 # After TSC 26 + data1 57 = 85, +3? Wait, structure: tail2(0-1), data(2-58), tsc(59-84), data(85-141), tail(142-143)
+            data1 = bits[data1_start, 57]
+            data2 = bits[data2_start, 57]
+            data1 + data2
+          end
+
+          def decode_imsi(opts = {})
+            data_bits = opts[:data_bits]
+            frequency = opts[:frequency]
+            raise ':ERROR: :data_bits and :frequency are required' unless data_bits && frequency
+
+            # Simplified "IMSI extraction": Interpret first ~60 bits as packed digits (4 bits per digit, BCD-like).
+            # In reality: Deinterleave (over bursts), Viterbi decode convolutional code (polys G0=10011b, G1=11011b),
+            # CRC check, parse L3 message (e.g., Paging Req Type 1 has IMSI IE at specific offset, packed BCD).
+            # Here: Raw data bits to 15-digit IMSI (first 60 bits -> 15 nibbles).
+            return unless data_bits.length >= 60
+
+            imsi_digits = []
+            data_bits[0, 60].each_slice(4) do |nibble|
+              digit = nibble.join.to_i(2)
+              imsi_digits << (digit % 10) # Mod 10 for digit-like, or keep as is for hex
+            end
+
+            # Format as 3(MCC)+3(MNC)+9(MSIN)
+            mcc = imsi_digits[0, 3].join
+            mnc = imsi_digits[3, 3].join
+            msin = imsi_digits[6, 9].join
+            imsi = "#{mcc.ljust(3, '0')}#{mnc.ljust(3, '0')}#{msin.ljust(9, '0')}"
+
+            puts "Decoded IMSI: #{imsi} at #{frequency} Hz"
+            # TODO: Integrate full L3 parser (e.g., from ruby-gsm gem or custom).
+          end
+
+          def cleanup(opts = {})
+            record_path = opts[:record_path]
+            raise ':ERROR: :record_path is required' unless record_path
+
+            return unless File.exist?(record_path)
+
+            File.delete(record_path)
+            puts "Cleaned up recording: #{record_path}"
+          end
+        end
+      end
+    end
+  end
+end

data/lib/pwn/sdr/decoder.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module PWN
+  # This file, using the autoload directive loads SDR modules
+  # into memory only when they're needed. For more information, see:
+  # http://www.rubyinside.com/ruby-techniques-revealed-autoload-1652.html
+  module SDR
+    # Deocder Module for SDR signals.
+    module Decoder
+      autoload :GSM, 'pwn/sdr/decoder/gsm'
+
+      # Display a List of Every PWN::AI Module
+
+      public_class_method def self.help
+        constants.sort
+      end
+    end
+  end
+end

data/lib/pwn/{plugins → sdr}/flipper_zero.rb

@@ -1,13 +1,13 @@
 # frozen_string_literal: true
 
 module PWN
-  module Plugins
+  module SDR
     # This plugin is used for interacting with Bus Pirate v3.6
     # This plugin may be compatible with other versions, however,
     # has not been tested with anything other than v3.6.
     module FlipperZero
       # Supported Method Parameters::
-      # PWN::Plugins::FlipperZero.connect_via_screen(
+      # PWN::SDR::FlipperZero.connect_via_screen(
       #   block_dev: 'optional - serial block device path (defaults to /dev/ttyACM0)'
       # )
 
@@ -34,7 +34,7 @@ module PWN
       end
 
       # Supported Method Parameters::
-      # flipper_zero_obj = PWN::Plugins::FlipperZero.connect(
+      # flipper_zero_obj = PWN::SDR::FlipperZero.connect(
       #   block_dev: 'optional serial block device path (defaults to /dev/ttyACM0)',
       #   baud: 'optional (defaults to 9600)',
       #   data_bits: 'optional (defaults to 8)',
@@ -50,7 +50,7 @@ module PWN
       end
 
       # Supported Method Parameters::
-      # response = PWN::Plugins::FlipperZero.request(
+      # response = PWN::SDR::FlipperZero.request(
       #   flipper_zero_obj: 'required - flipper_zero_obj returned from #connect method',
       #   payload: 'optional - payload to send to the device (defaults to help)'
       # )
@@ -75,7 +75,7 @@ module PWN
       end
 
       # Supported Method Parameters::
-      # PWN::Plugins::FlipperZero.disconnect(
+      # PWN::SDR::FlipperZero.disconnect(
       #   flipper_zero_obj: 'required - flipper_zero_obj returned from #connect method'
       # )