pwn 0.5.510 → 0.5.513

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d58d781b8c20f486edb8e75e754abf3ecef32c5452e37b95db9cdc42d99b00c5
-  data.tar.gz: 3ad4a359bc29b32b0075ab742251049f29ee7fc0e71404205cb799fd3674703b
+  metadata.gz: 82756fa89b985658783dd6a2f59ec1e4c591959dd0ea349e8f68ca5e74fc8715
+  data.tar.gz: 34f2cc9edcc4eb8a35ad7d91b16fbb760d4a220a3a9d556efe682f009573abcf
 SHA512:
-  metadata.gz: 38e23042f38a7f1774e67f1bda23b3e77a9ff1d2242aee7c59d47957cddff06ec831d3fee6fec16681795bab6e450fb178bbb705e1d44a3624d1c8260d55625b
-  data.tar.gz: 1edb0154984ee110ef2b4d87eddf5f007a98d7977f50cb33fbb1b735d79fc64725ba75bfff288822bbdd723bf893ba25f3022b9aff1094ec4a068dd953cae2ef
+  metadata.gz: 9bf3f13770d43feeab86c59ab32b389a02e11727b888e7a002248dd8754769c00c1e5e2a335c316db1d1ccc1ad846fc9a39d463bde22a0e9c3f467a69e2d4e55
+  data.tar.gz: db2d0be522131762b6214e6fb3e4e79500bf4b8bfb25510785ac0eaa3eca81c0984c58d9a7a1dc9d195c1d8873b2a1cc559f0ff0a2085d9f3217341fb03042a3

data/.rubocop.yml

@@ -16,7 +16,7 @@ Metrics/ClassLength:
 Metrics/CyclomaticComplexity:
   Max: 158
 Metrics/MethodLength:
-  Max: 652
+  Max: 733
 Metrics/ModuleLength:
   Max: 1563
 Metrics/PerceivedComplexity:

data/Gemfile

@@ -20,7 +20,7 @@ gem 'base32', '0.3.4'
 gem 'bitcoin-ruby', '0.0.20'
 gem 'brakeman', '7.1.1'
 gem 'bson', '5.2.0'
-gem 'bundler', '>=4.0.0'
+gem 'bundler', '>=4.0.2'
 gem 'bundler-audit', '>=0.9.3'
 gem 'bunny', '2.24.0'
 gem 'colorize', '1.1.0'
@@ -44,12 +44,12 @@ gem 'jenkins_api_client2', '1.9.0'
 gem 'js-beautify', '0.1.8'
 gem 'json', '>=2.13.2'
 gem 'jsonpath', '1.1.5'
-gem 'json_schemer', '2.4.0'
+gem 'json_schemer', '2.5.0'
 gem 'jwt', '3.1.2'
 gem 'libusb', '0.7.2'
 gem 'luhn', '3.0.0'
 gem 'mail', '2.9.0'
-gem 'meshtastic', '0.0.147'
+gem 'meshtastic', '0.0.149'
 gem 'metasm', '1.0.5'
 gem 'mongo', '2.22.0'
 gem 'msfrpc-client', '1.1.2'
@@ -73,14 +73,14 @@ gem 'pry-doc', '1.6.0'
 gem 'rake', '13.3.1'
 gem 'rb-readline', '0.5.5'
 gem 'rbvmomi2', '3.8.0'
-gem 'rdoc', '6.16.1'
+gem 'rdoc', '7.0.1'
 gem 'rest-client', '2.1.0'
 gem 'rex', '2.0.13'
 gem 'rmagick', '6.1.4'
 gem 'rqrcode', '3.1.1'
 gem 'rspec', '3.13.2'
 gem 'rtesseract', '3.1.4'
-gem 'rubocop', '1.81.7'
+gem 'rubocop', '1.82.0'
 gem 'rubocop-rake', '0.7.1'
 gem 'rubocop-rspec', '3.8.0'
 gem 'ruby-audio', '1.6.1'
@@ -88,8 +88,8 @@ gem 'ruby-nmap', '1.0.3'
 gem 'ruby-saml', '1.18.1'
 gem 'rvm', '1.11.3.9'
 gem 'savon', '2.15.1'
-gem 'selenium-devtools', '0.142.0'
-gem 'selenium-webdriver', '4.38.0'
+gem 'selenium-devtools', '0.143.0'
+gem 'selenium-webdriver', '4.39.0'
 gem 'slack-ruby-client', '3.1.0'
 gem 'socksify', '1.8.1'
 gem 'spreadsheet', '1.3.4'
@@ -104,4 +104,4 @@ gem 'webrick', '1.9.2'
 gem 'whois', '6.0.3'
 gem 'whois-parser', '2.0.0'
 gem 'wicked_pdf', '2.8.2'
-gem 'yard', '0.9.37'
+gem 'yard', '0.9.38'

data/README.md

@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.510]:001 >>> PWN.help
+pwn[v0.5.513]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.7@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.510]:001 >>> PWN.help
+pwn[v0.5.513]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.7@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.510]:001 >>> PWN.help
+pwn[v0.5.513]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`.  The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:

data/bin/pwn_gqrx_scanner

@@ -13,12 +13,12 @@ PWN::Driver::Parser.new do |options|
     opts[:list_scan_profiles] = l
   end
 
-  options.on('-tFREQ', '--target-freq=FREQ', '<Required if "--assume-profile" is Nil - Frequency to Conclude Scanning (e.g. 900.000.000 == 900 mHz>') do |e|
-    opts[:target_freq] = e
+  options.on('-sFREQ', '--start-freq=FREQ', '<Required if "--assume-profile" is Nil - Frequency to Start Scanning (e.g. 800.000.000 == 800 mHz>') do |s|
+    opts[:start_freq] = s
   end
 
-  options.on('-sFREQ', '--start-freq=FREQ', '<Optional - Frequency to Set when Scanning Begins (Defaults to last known frequency)>') do |s|
-    opts[:start_freq] = s
+  options.on('-tFREQ', '--target-freq=FREQ', '<Required if "--assume-profile" is Nil - Frequency to Conclude Scanning (e.g. 900.000.000 == 900 mHz>') do |e|
+    opts[:target_freq] = e
   end
 
   options.on('-hHOST', '--host=HOST', '<Optional - GQRX Host (Defaults to 127.0.0.1)>') do |h|
@@ -29,7 +29,7 @@ PWN::Driver::Parser.new do |options|
     opts[:port] = p
   end
 
-  options.on('-AFLOAT', '--audio-gain=FLOAT', '<Optional - Set audio gain -80.0 to 50.0 (Defaults to 1.0)>') do |a|
+  options.on('-AFLOAT', '--audio-gain=FLOAT', '<Optional - Set audio gain -80.0 to 50.0 (Defaults to 9.0)>') do |a|
     opts[:audio_gain_db] = a
   end
 
@@ -37,52 +37,74 @@ PWN::Driver::Parser.new do |options|
     opts[:bandwidth] = b
   end
 
+  options.on('-OLAP', '--overlap-protection', '<Optional - Enable Overlap Protection to prevent false positives when scanning (Defaults to false)>') do |o|
+    opts[:overlap_protection] = o
+  end
+
   options.on('-DMODE', '--demodulator-mode=MODE', '<Optional - Set Demodulator Mode OFF | RAW | AM | FM | WFM | WFM_ST | WFM_ST_OIRT | LSB | USB | CW | CWL | CWU (Defaults to WFM_ST)>') do |d|
     opts[:demodulator_mode] = d
   end
 
+  options.on('-rRDS', '--rds', '<Optional - Enable RDS Decoding when in WFM or WFM_ST Demodulator Mode (Defaults to false)>') do |r|
+    opts[:rds] = r
+  end
+
   options.on('-PINT', '--precision=INT', '<Optional - Precision of Frequency 1-12 (Defaults to 5)>') do |p|
     opts[:precision] = p
   end
 
-  options.on('-SFLOAT', '--strength-lock=FLOAT', '<Optional - Strength to lock onto frequency (Defaults to -45.0)>') do |s|
+  options.on('-SFLOAT', '--strength-lock=FLOAT', '<Optional - Strength to lock onto frequency (Defaults to -70.0)>') do |s|
     opts[:strength_lock] = s
   end
 
-  options.on('-LFLOAT', '--lock-freq-duration=FLOAT', '<Optional - Duration to lock onto Freqency when Strength < --strength-lock value (Defaults to 0.5)>') do |l|
+  options.on('-LFLOAT', '--lock-freq-duration=FLOAT', '<Optional - Duration to lock onto Freqency when Strength < --strength-lock value (Defaults to 0.04)>') do |l|
     opts[:lock_freq_duration] = l
   end
 
-  options.on('-QFLOAT', '--squelch=FLOAT', '<Optional - Squelch Threshold -150.0 to 0 (Defaults to -50.0)>') do |q|
+  options.on('-QFLOAT', '--squelch=FLOAT', '<Optional - Squelch Threshold -150.0 to 0 (Defaults to --strength-lock - 3)>') do |q|
     opts[:squelch] = q
   end
 
-  options.on('-RFLOAT', '--rf-gain=FLOAT', '<Optional - RF Gain 0.0-16.0(Defaults to 16.0)>') do |r|
+  options.on('-RFLOAT', '--rf-gain=FLOAT', '<Optional - RF Gain 0.0-16.0(Defaults to 0.0)>') do |r|
     opts[:rf_gain] = r
   end
 
-  options.on('-IFLOAT', '--intermediate-gain=FLOAT', '<Optional - Intermediate Gain 0.0-40.0 (Defaults to 40.0)>') do |i|
+  options.on('-IFLOAT', '--intermediate-gain=FLOAT', '<Optional - Intermediate Gain 0.0-40.0 (Defaults to 32.0)>') do |i|
     opts[:intermediate_gain] = i
   end
 
-  options.on('-BFLOAT', '--basedband-gain=FLOAT', '<Optional - Baseband Gain 0.0-62.0 (Defaults to 10.0)>') do |b|
+  options.on('-BFLOAT', '--baseband-gain=FLOAT', '<Optional - Baseband Gain 0.0-62.0 (Defaults to 10.0)>') do |b|
     opts[:baseband_gain] = b
   end
+
+  options.on('-LFILE', '--scan-log=FILE', '<Optional - Path to log scan results to (Defaults to /tmp/pwn_sdr_gqrx_scan_<start_freq>-<target_freq>_<timestamp>.json)>') do |l|
+    opts[:scan_log] = l
+  end
+
+  options.on('-LOC', '--location', '<Optional - Location string to include in AI analysis (e.g. "New York, NY", 90210, GPS coords, etc.)>') do |l|
+    opts[:location] = l
+  end
 end.parse!
 
 begin
   pwn_provider = 'ruby-gem'
   pwn_provider = ENV.fetch('PWN_PROVIDER') if ENV.keys.any? { |s| s == 'PWN_PROVIDER' }
 
+  profiles_available = PWN::SDR::FrequencyAllocation.profiles
+
   list_scan_profiles = opts[:list_scan_profiles]
   if list_scan_profiles
-    profiles_available = PWN::SDR::GQRX.list_scan_profiles
     puts JSON.pretty_generate(profiles_available)
     exit 0
   end
 
   profile = opts[:profile]
-  opts = PWN::SDR::GQRX.assume_profile(profile: profile) unless profile.nil?
+  opts.merge!(profiles_available[profile.to_sym]) unless profile.nil?
+
+  start_freq = opts[:start_freq]
+  start_freq = start_freq.to_s.delete('.') unless start_freq.nil?
+  start_freq = start_freq.to_i
+  raise 'ERROR: Invalid start frequency.' if !start_freq.nil? && start_freq.zero?
 
   target_freq = opts[:target_freq]
   target_freq = target_freq.to_s.delete('.') unless target_freq.nil?
@@ -91,106 +113,64 @@ begin
 
   host = opts[:host]
   port = opts[:port]
-
-  puts "Connecting to GQRX at #{host}:#{port}..."
   gqrx_sock = PWN::SDR::GQRX.connect(target: host, port: port)
 
-  start_freq = opts[:start_freq]
-  start_freq = start_freq.to_s.delete('.') unless start_freq.nil?
-  start_freq = start_freq.to_i
-  if start_freq.zero?
-    start_freq = PWN::SDR::GQRX.gqrx_cmd(
-      gqrx_sock: gqrx_sock, cmd: 'f',
-      resp_ok: 'RPRT 0'
-    ).to_i
-  end
-
-  demodulator_mode = opts[:demodulator_mode] ||= 'WFM_ST'
-  puts "Demodulator Mode: #{demodulator_mode}"
-  # demodulator_mode.upcase! if opts[:demodulator_mode]
-  demodulator_modes = %i[OFF RAW AM FM WFM WFM_ST WFM_ST_OIRT LSB USB CW CWL CWU]
-  raise "ERROR: Invalid demodulator mode: #{demodulator_mode}" unless demodulator_modes.include?(demodulator_mode)
-
-  bandwidth = opts[:bandwidth] ||= '200.000'
-
-  puts "Setting demodulator mode to #{demodulator_mode} and bandwidth to #{bandwidth}..."
-  bandwidth = bandwidth.to_s.delete('.').to_i unless bandwidth.nil?
-  demod_resp = PWN::SDR::GQRX.gqrx_cmd(
-    gqrx_sock: gqrx_sock,
-    cmd: "M #{demodulator_mode} #{bandwidth}",
-    resp_ok: 'RPRT 0'
-  )
+  demodulator_mode = opts[:demodulator_mode]
+  rds = opts[:rds]
+  bandwidth = opts[:bandwidth]
+  overlap_protection = opts[:overlap_protection]
 
-  audio_gain_db = opts[:audio_gain_db] ||= 1.0
-  audio_gain_db = audio_gain_db.to_f
-  audio_gain_db_resp = PWN::SDR::GQRX.gqrx_cmd(
-    gqrx_sock: gqrx_sock,
-    cmd: "L AF #{audio_gain_db}",
-    resp_ok: 'RPRT 0'
-  )
+  audio_gain_db = opts[:audio_gain_db]
+  audio_gain_db = audio_gain_db.to_f unless audio_gain_db.nil?
 
-  squelch = opts[:squelch] ||= -63.0
-  squelch = squelch.to_f
-  squelch_resp = PWN::SDR::GQRX.gqrx_cmd(
-    gqrx_sock: gqrx_sock,
-    cmd: "L SQL #{squelch}",
-    resp_ok: 'RPRT 0'
-  )
+  squelch = opts[:squelch]
+  squelch = squelch.to_f unless squelch.nil?
 
   precision = opts[:precision] ||= 5
   precision = precision.to_i
   raise "ERROR: Invalid precision: #{precision}" unless (1..12).include?(precision)
 
-  lock_freq_duration = opts[:lock_freq_duration] ||= 0.5
-  lock_freq_duration = lock_freq_duration.to_f
+  lock_freq_duration = opts[:lock_freq_duration]
+  strength_lock = opts[:strength_lock]
+  strength_lock = strength_lock.to_f unless strength_lock.nil?
 
-  strength_lock = opts[:strength_lock] ||= -60.0
-  strength_lock = strength_lock.to_f
+  rf_gain = opts[:rf_gain]
+  rf_gain = rf_gain.to_f unless rf_gain.nil?
 
-  rf_gain = opts[:rf_gain] ||= 0.0
-  rf_gain = rf_gain.to_f
-  rf_gain_resp = PWN::SDR::GQRX.gqrx_cmd(
-    gqrx_sock: gqrx_sock,
-    cmd: "L RF_GAIN #{rf_gain}",
-    resp_ok: 'RPRT 0'
-  )
+  intermediate_gain = opts[:intermediate_gain]
+  intermediate_gain = intermediate_gain.to_f unless intermediate_gain.nil?
 
-  intermediate_gain = opts[:intermediate_gain] ||= 32.0
-  intermediate_gain = intermediate_gain.to_f
-  intermediate_resp = PWN::SDR::GQRX.gqrx_cmd(
-    gqrx_sock: gqrx_sock,
-    cmd: "L IF_GAIN #{intermediate_gain}",
-    resp_ok: 'RPRT 0'
-  )
-
-  baseband_gain = opts[:baseband_gain] ||= 10.0
-  baseband_gain = baseband_gain.to_f
-  baseband_resp = PWN::SDR::GQRX.gqrx_cmd(
-    gqrx_sock: gqrx_sock,
-    cmd: "L BB_GAIN #{baseband_gain}",
-    resp_ok: 'RPRT 0'
-  )
+  baseband_gain = opts[:baseband_gain]
+  baseband_gain = baseband_gain.to_f unless baseband_gain.nil?
 
-  s_freq_pretty = start_freq.to_s.chars.insert(-4, '.').insert(-8, '.').join
-  t_freq_pretty = target_freq.to_s.chars.insert(-4, '.').insert(-8, '.').join
-  puts "*** Scanning from #{s_freq_pretty} to #{t_freq_pretty}\n\n\n"
+  scan_log = opts[:scan_log]
+  location = opts[:location]
 
+  # Merge opts again to ensure we override profile values with CLI values
   PWN::SDR::GQRX.scan_range(
     gqrx_sock: gqrx_sock,
-    demodulator_mode: demodulator_mode,
-    bandwidth: bandwidth,
     start_freq: start_freq,
     target_freq: target_freq,
+    demodulator_mode: demodulator_mode,
+    rds: rds,
+    bandwidth: bandwidth,
+    overlap_protection: overlap_protection,
+    audio_gain_db: audio_gain_db,
+    squelch: squelch,
     precision: precision,
-    lock_freq_duration: lock_freq_duration,
     strength_lock: strength_lock,
-    squelch: squelch
+    lock_freq_duration: lock_freq_duration,
+    rf_gain: rf_gain,
+    intermediate_gain: intermediate_gain,
+    baseband_gain: baseband_gain,
+    scan_log: scan_log,
+    location: location
   )
   puts 'Scan Complete.'
 rescue StandardError => e
   raise e
 rescue Interrupt, SystemExit
-  puts "\nGoodbye."
+  puts "\nCTRL+C detected - goodbye."
 ensure
-  gqrx_sock = PWN::SDR::GQRX.disconnect(gqrx_sock: gqrx_sock) unless gqrx_sock.nil?
+  PWN::SDR::GQRX.disconnect(gqrx_sock: gqrx_sock) unless gqrx_sock.closed?
 end

data/{build_pwn_gem.sh → build_gem.sh}

@@ -18,7 +18,7 @@ rvmsudo gem update --system
 
 if [[ $old_ruby_version == $new_ruby_version ]]; then
   export rvmsudo_secure_path=1
-  rvmsudo /bin/bash --login -c "cd ${pwn_root} && ./reinstall_pwn_gemset.sh"
+  rvmsudo /bin/bash --login -c "cd ${pwn_root} && ./reinstall_gemset.sh"
   cd /tmp && cd $pwn_root
   rvmsudo rake
   rvmsudo rake install

data/{git_commit_test_reinit_gem.sh → git_commit.sh}

@@ -11,9 +11,9 @@ if (( $# == 3 )); then
   git pull
   git add . --all
   echo 'Updating Gems to Latest Versions in Gemfile...'
-  ./find_latest_gem_versions_per_Gemfile.sh
+  ./upgrade_Gemfile_gems.sh
   if [[ $? -ne 0 ]]; then
-    echo 'ERROR: find_latest_gem_versions_per_Gemfile.sh failed!'
+    echo 'ERROR: upgrade_Gemfile_gems.sh failed!'
     exit 1
   fi
 
@@ -34,9 +34,9 @@ if (( $# == 3 )); then
   fi
 
   git commit -a -S --author="${1} <${2}>" -m "${3}"
-  ./update_pwn.sh
+  ./upgrade_pwn.sh
   if [[ $? -ne 0 ]]; then
-    echo 'ERROR: update_pwn.sh failed!'
+    echo 'ERROR: upgrade_pwn.sh failed!'
     exit 1
   fi
 

data/lib/pwn/plugins/sock.rb

@@ -229,10 +229,20 @@ module PWN
 
       public_class_method def self.disconnect(opts = {})
         sock_obj = opts[:sock_obj]
+        return unless sock_obj.respond_to?(:close)
+
+        # Shutdown both directions to terminate flows immediately
+        # sock_obj.shutdown(Socket::SHUT_RDWR)
+
+        # Set SO_LINGER=0 to force RST (skips TIME_WAIT; ideal for fuzzing)
+        # linger = [1, 0].pack('ii')
+        # sock_obj.setsockopt(Socket::SOL_SOCKET, Socket::SO_LINGER, linger)
+
         sock_obj.close
-        sock_obj = nil
       rescue StandardError => e
         raise e
+      ensure
+        sock_obj = nil
       end
 
       # Author(s):: 0day Inc. <support@0dayinc.com>

data/lib/pwn/sdr/decoder/gsm.rb

@@ -15,15 +15,13 @@ module PWN
 
         # Starts the live decoding thread.
         def self.start(opts = {})
-          gqrx_obj = opts[:gqrx_obj]
-          raise ':ERROR: :gqrx_obj is required' unless gqrx_obj.is_a?(Hash)
+          freq_obj = opts[:freq_obj]
+          raise ':ERROR: :freq_obj is required' unless freq_obj.is_a?(Hash)
 
-          record_path = gqrx_obj[:record_path]
-          frequency = gqrx_obj[:frequency]
-          sample_rate = gqrx_obj[:bandwidth].to_i
-          gqrx_sock = gqrx_obj[:gqrx_sock]
-
-          gqrx_obj[:decoder_stop_flag] ||= [false]
+          gqrx_sock = freq_obj[:gqrx_sock]
+          freq = freq_obj[:freq]
+          bandwidth = freq_obj[:bandwidth].to_i
+          record_path = freq_obj[:record_path]
 
           sleep 0.1 until File.exist?(record_path)
 
@@ -32,12 +30,10 @@ module PWN
 
           bytes_read = HEADER_SIZE
 
-          puts "GSM Decoder started for frequency: #{frequency}, sample_rate: #{sample_rate}"
+          puts "GSM Decoder started for freq: #{freq}, bandwidth: #{bandwidth}"
 
           Thread.new do
             loop do
-              break if gqrx_obj[:decoder_stop_flag][0]
-
               current_size = File.size(record_path)
               if current_size > bytes_read
                 new_bytes = current_size - bytes_read
@@ -46,8 +42,8 @@ module PWN
                 data = File.binread(record_path, new_bytes, bytes_read)
                 process_chunk(
                   data: data,
-                  sample_rate: sample_rate,
-                  frequency: frequency
+                  bandwidth: bandwidth,
+                  freq: freq
                 )
                 bytes_read = current_size
               end
@@ -63,12 +59,11 @@ module PWN
 
         # Stops the decoding thread.
         def self.stop(opts = {})
-          thread = opts[:thread]
-          gqrx_obj = opts[:gqrx_obj]
-          raise ':ERROR: :thread and :gqrx_obj are required' unless thread && gqrx_obj.is_a?(Hash)
+          freq_obj = opts[:freq_obj]
+          raise 'ERROR: :freq_obj is required' unless freq_obj.is_a?(Hash)
 
-          gqrx_obj[:decoder_stop_flag][0] = true
-          thread.join(1.0)
+          decoder_thread = freq_obj[:decoder_thread]
+          decoder_thread.kill if decoder_thread.is_a?(Thread)
         end
 
         class << self
@@ -76,9 +71,9 @@ module PWN
 
           def process_chunk(opts = {})
             data = opts[:data]
-            sample_rate = opts[:sample_rate]
-            frequency = opts[:frequency]
-            raise ':ERROR: :data, :sample_rate, and :frequency are required' unless data && sample_rate && frequency
+            bandwidth = opts[:bandwidth]
+            freq = opts[:freq]
+            raise ':ERROR: :data, :bandwidth, and :freq are required' unless data && bandwidth && freq
 
             samples = data.unpack('f< *')
             return if samples.length.odd? # Skip incomplete
@@ -88,7 +83,7 @@ module PWN
               complex_samples << Complex(samples[i], samples[i + 1])
             end
 
-            window_size = [(sample_rate * BURST_DURATION_SEC).round, complex_samples.length].min
+            window_size = [(bandwidth * BURST_DURATION_SEC).round, complex_samples.length].min
             return if window_size <= 0
 
             # Simplified power on sliding windows
@@ -112,10 +107,10 @@ module PWN
             return unless burst_start >= 0 && burst_start + 148 <= bits.length
 
             data_bits = extract_data_bits(bits, burst_start)
-            puts "Burst synchronized at offset #{sync_offset} for #{frequency} Hz (power: #{max_power.round(4)})"
+            puts "Burst synchronized at offset #{sync_offset} for #{freq} Hz (power: #{max_power.round(4)})"
             decode_imsi(
               data_bits: data_bits,
-              frequency: frequency
+              freq: freq
             )
           end
 
@@ -159,8 +154,8 @@ module PWN
 
           def decode_imsi(opts = {})
             data_bits = opts[:data_bits]
-            frequency = opts[:frequency]
-            raise ':ERROR: :data_bits and :frequency are required' unless data_bits && frequency
+            freq = opts[:freq]
+            raise ':ERROR: :data_bits and :freq are required' unless data_bits && freq
 
             # Simplified "IMSI extraction": Interpret first ~60 bits as packed digits (4 bits per digit, BCD-like).
             # In reality: Deinterleave (over bursts), Viterbi decode convolutional code (polys G0=10011b, G1=11011b),
@@ -180,7 +175,7 @@ module PWN
             msin = imsi_digits[6, 9].join
             imsi = "#{mcc.ljust(3, '0')}#{mnc.ljust(3, '0')}#{msin.ljust(9, '0')}"
 
-            puts "Decoded IMSI: #{imsi} at #{frequency} Hz"
+            puts "Decoded IMSI: #{imsi} at #{freq} Hz"
             # TODO: Integrate full L3 parser (e.g., from ruby-gsm gem or custom).
           end
 
@@ -208,18 +203,12 @@ module PWN
         public_class_method def self.help
           puts "USAGE:
             gsm_decoder_thread = PWN::SDR::Decoder::GSM.start(
-              gqrx_obj: {
-                record_path: 'path/to/record.wav',
-                frequency: 935_000_000, # Frequency in Hz
-                bandwidth: 200_000,     # Sample rate in Hz
-                gqrx_sock: gqrx_socket_object
-              }
+              freq_obj: 'required - freq_obj returned from PWN::SDR::Receiver::GQRX.init_freq method'
             )
 
             # To stop the decoder thread:
             PWN::SDR::Decoder::GSM.stop(
-              thread: gsm_decoder_thread,
-              gqrx_obj: gqrx_object_used_to_start_decoder
+              freq_obj: 'required - freq_obj returned from PWN::SDR::Receiver::GQRX.init_freq method'
             )
 
             #{self}.authors