pwn 0.5.525 → 0.5.527

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 67600c92927578c7598e62ddc4e785dba48057f26a8dfa91e9ea58fbc3737c35
-  data.tar.gz: 07ef92cad239ffdcbea358e34127d515d9553f4e444c9a069dfba4f196f82b2e
+  metadata.gz: 41dad766173e9f532698600df5ad215b77c1536b28d7913ac1ad83650d8f15a3
+  data.tar.gz: a620829d63e8fc41d707fb55e6cdc6aef3ca1aa0bab571014631dfb883639c6b
 SHA512:
-  metadata.gz: b4203ad36d4dc9cd1f0011e8de8b5c80babf85b5a5aa6dbae19410e8e9014c199990ef7f14216ab9e528af5bfeb7de06ee62d02f405f73a27cb7418f26db9bb2
-  data.tar.gz: 8d6bef379e1fec99bb489f60b82faa0038ad13cf1e92bbb2bf274ba8a962dff0e0e8fa1455fea93211125217f4fefa1696f3917239cd94ce7ec8c7337bff3819
+  metadata.gz: 86c1c7bd2fad5b04e0170d53de9a820be1276cd1e038a7ae2b224b192e5e421075ef890a3eb35280ca624d28237cb1749a869d9d31ac439eb1fd3159b25ec953
+  data.tar.gz: c9a934741503e2b271d289a19950dc203167c0a12ed3f66507fe88dcf0da4843a324fd9035d037375a854ec751808c4690aab03ead1dc342ce2aac419b5d3c2f

data/README.md

@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.525]:001 >>> PWN.help
+pwn[v0.5.527]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.7@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.525]:001 >>> PWN.help
+pwn[v0.5.527]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.7@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.525]:001 >>> PWN.help
+pwn[v0.5.527]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`.  The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:

data/bin/pwn_gqrx_scanner

@@ -156,12 +156,6 @@ begin
     location: location,
     keep_looping: keep_looping
   )
-
-    loop_count += 1
-    gqrx_sock = PWN::SDR::GQRX.connect(target: host, port: port)
-    log_timestamp = Time.now.strftime('%Y-%m-%d')
-    scan_log = "/tmp/pwn_sdr_gqrx_scan_#{PWN::SDR.hz_to_s(start_freq)}-#{PWN::SDR.hz_to_s(target_freq)}_#{log_timestamp}-l#{loop_count}.json"
-  end
   puts 'Scan Complete.'
 rescue StandardError => e
   raise e

data/lib/pwn/sdr/gqrx.rb

@@ -178,7 +178,7 @@ module PWN
             distance_between_unique_samples = (strength_db - prev_strength_db).abs.round(2)
             strength_measured = true if distance_between_unique_samples.positive? && strength_lock > strength_db
           end
-          strength_measured = true if (distance_between_unique_samples.positive? && distance_between_unique_samples < 5) || attempts >= 500
+          strength_measured = true if (distance_between_unique_samples.positive? && distance_between_unique_samples < 5) || attempts >= 700
 
           break if strength_measured
 
@@ -658,201 +658,214 @@ module PWN
 
       public_class_method def self.scan_range(opts = {})
         timestamp_start = Time.now.strftime('%Y-%m-%d %H:%M:%S%z')
-        log_timestamp = Time.now.strftime('%Y-%m-%d')
 
-        gqrx_sock = opts[:gqrx_sock]
+        loop_count = 1
+        loop do
+          gqrx_sock = opts[:gqrx_sock]
 
-        start_freq = opts[:start_freq]
-        hz_start = PWN::SDR.hz_to_i(start_freq)
+          start_freq = opts[:start_freq]
+          hz_start = PWN::SDR.hz_to_i(start_freq)
 
-        target_freq = opts[:target_freq]
-        hz_target = PWN::SDR.hz_to_i(target_freq)
+          target_freq = opts[:target_freq]
+          hz_target = PWN::SDR.hz_to_i(target_freq)
 
-        demodulator_mode = opts[:demodulator_mode]
+          demodulator_mode = opts[:demodulator_mode]
 
-        bandwidth = opts[:bandwidth] ||= '200.000'
-
-        precision = opts[:precision] ||= 1
-        strength_lock = opts[:strength_lock] ||= -70.0
-        squelch = opts[:squelch] ||= (strength_lock - 3.0)
-        scan_log = opts[:scan_log] ||= "/tmp/pwn_sdr_gqrx_scan_#{PWN::SDR.hz_to_s(hz_start)}-#{PWN::SDR.hz_to_s(hz_target)}_#{log_timestamp}.json"
-        decoder = opts[:decoder]
-        location = opts[:location] ||= 'United States'
-        keep_looping = opts[:keep_looping] || false
+          bandwidth = opts[:bandwidth] ||= '200.000'
 
-        step_hz = 10**(precision - 1)
-        step_hz_direction = hz_start > hz_target ? -step_hz : step_hz
+          precision = opts[:precision] ||= 1
+          strength_lock = opts[:strength_lock] ||= -70.0
+          squelch = opts[:squelch] ||= (strength_lock - 3.0)
+          decoder = opts[:decoder]
 
-        # Set squelch once for the scan
-        change_squelch_resp = gqrx_cmd(
-          gqrx_sock: gqrx_sock,
-          cmd: "L SQL #{squelch}",
-          resp_ok: 'RPRT 0'
-        )
+          log_timestamp = Time.now.strftime('%Y-%m-%d')
+          scan_log = opts[:scan_log] ||= "/tmp/pwn_sdr_gqrx_scan_#{PWN::SDR.hz_to_s(hz_start)}-#{PWN::SDR.hz_to_s(hz_target)}_#{log_timestamp}_l#{loop_count}.json"
+          location = opts[:location] ||= 'United States'
+          keep_looping = opts[:keep_looping] || false
 
-        # We always disable RDS decoding at during the scan
-        # to prevent unnecessary processing overhead.
-        # We return the rds boolean in the scan_resp object
-        # so it will be picked up and used appropriately
-        # when calling analyze_scan or analyze_log methods.
-        rds_resp = gqrx_cmd(
-          gqrx_sock: gqrx_sock,
-          cmd: 'U RDS 0',
-          resp_ok: 'RPRT 0'
-        )
+          step_hz = 10**(precision - 1)
+          step_hz_direction = hz_start > hz_target ? -step_hz : step_hz
 
-        # Set demodulator mode & passband once for the scan
-        mode_str = demodulator_mode.to_s.upcase
-        passband_hz = PWN::SDR.hz_to_i(bandwidth)
-        gqrx_cmd(
-          gqrx_sock: gqrx_sock,
-          cmd: "M #{mode_str} #{passband_hz}",
-          resp_ok: 'RPRT 0'
-        )
+          # Set squelch once for the scan
+          change_squelch_resp = gqrx_cmd(
+            gqrx_sock: gqrx_sock,
+            cmd: "L SQL #{squelch}",
+            resp_ok: 'RPRT 0'
+          )
 
-        audio_gain_db = opts[:audio_gain_db] ||= 6.0
-        audio_gain_db = audio_gain_db.to_f
-        audio_gain_db_resp = gqrx_cmd(
-          gqrx_sock: gqrx_sock,
-          cmd: "L AF #{audio_gain_db}",
-          resp_ok: 'RPRT 0'
-        )
+          # We always disable RDS decoding at during the scan
+          # to prevent unnecessary processing overhead.
+          # We return the rds boolean in the scan_resp object
+          # so it will be picked up and used appropriately
+          # when calling analyze_scan or analyze_log methods.
+          rds_resp = gqrx_cmd(
+            gqrx_sock: gqrx_sock,
+            cmd: 'U RDS 0',
+            resp_ok: 'RPRT 0'
+          )
 
-        rf_gain = opts[:rf_gain] ||= 0.0
-        rf_gain = rf_gain.to_f
-        rf_gain_resp = gqrx_cmd(
-          gqrx_sock: gqrx_sock,
-          cmd: "L RF_GAIN #{rf_gain}",
-          resp_ok: 'RPRT 0'
-        )
+          # Set demodulator mode & passband once for the scan
+          mode_str = demodulator_mode.to_s.upcase
+          passband_hz = PWN::SDR.hz_to_i(bandwidth)
+          gqrx_cmd(
+            gqrx_sock: gqrx_sock,
+            cmd: "M #{mode_str} #{passband_hz}",
+            resp_ok: 'RPRT 0'
+          )
 
-        intermediate_gain = opts[:intermediate_gain] ||= 32.0
-        intermediate_gain = intermediate_gain.to_f
-        intermediate_resp = gqrx_cmd(
-          gqrx_sock: gqrx_sock,
-          cmd: "L IF_GAIN #{intermediate_gain}",
-          resp_ok: 'RPRT 0'
-        )
+          audio_gain_db = opts[:audio_gain_db] ||= 6.0
+          audio_gain_db = audio_gain_db.to_f
+          audio_gain_db_resp = gqrx_cmd(
+            gqrx_sock: gqrx_sock,
+            cmd: "L AF #{audio_gain_db}",
+            resp_ok: 'RPRT 0'
+          )
 
-        baseband_gain = opts[:baseband_gain] ||= 10.0
-        baseband_gain = baseband_gain.to_f
-        baseband_resp = gqrx_cmd(
-          gqrx_sock: gqrx_sock,
-          cmd: "L BB_GAIN #{baseband_gain}",
-          resp_ok: 'RPRT 0'
-        )
+          rf_gain = opts[:rf_gain] ||= 0.0
+          rf_gain = rf_gain.to_f
+          rf_gain_resp = gqrx_cmd(
+            gqrx_sock: gqrx_sock,
+            cmd: "L RF_GAIN #{rf_gain}",
+            resp_ok: 'RPRT 0'
+          )
 
-        prev_freq_obj = init_freq(
-          gqrx_sock: gqrx_sock,
-          freq: hz_start,
-          demodulator_mode: demodulator_mode,
-          bandwidth: bandwidth,
-          squelch: squelch,
-          decoder: decoder,
-          suppress_details: true,
-          keep_alive: true
-        )
+          intermediate_gain = opts[:intermediate_gain] ||= 32.0
+          intermediate_gain = intermediate_gain.to_f
+          intermediate_resp = gqrx_cmd(
+            gqrx_sock: gqrx_sock,
+            cmd: "L IF_GAIN #{intermediate_gain}",
+            resp_ok: 'RPRT 0'
+          )
 
-        candidate_signals = []
+          baseband_gain = opts[:baseband_gain] ||= 10.0
+          baseband_gain = baseband_gain.to_f
+          baseband_resp = gqrx_cmd(
+            gqrx_sock: gqrx_sock,
+            cmd: "L BB_GAIN #{baseband_gain}",
+            resp_ok: 'RPRT 0'
+          )
 
-        # Begin scanning range
-        puts "\n"
-        puts '-' * 86
-        puts "INFO: Scanning from #{PWN::SDR.hz_to_s(hz_start)} to #{PWN::SDR.hz_to_s(hz_target)} in steps of #{PWN::SDR.hz_to_s(step_hz_direction.abs)} Hz."
-        puts "If scans are slow and/or you're experiencing false positives/negatives,"
-        puts 'consider adjusting the following:'
-        puts "1. The SDR's sample rate in GQRX"
-        puts "\s\s- Click on `Configure I/O devices`."
-        puts "\s\s- A lower `Input rate` value seems counter-intuitive but works well (e.g. ADALM PLUTO ~ 1000000)."
-        puts '2. Adjust the :strength_lock parameter.'
-        puts '3. Adjust the :precision parameter.'
-        puts '4. Disable AI introspection in PWN::Env'
-        puts 'Happy scanning!'
-        puts '-' * 86
-        puts "\n\n\n"
-
-        signals_arr = []
-        hz = hz_start
-
-        while step_hz_direction.positive? ? hz <= hz_target : hz >= hz_target
-          tune_to(gqrx_sock: gqrx_sock, hz: hz)
-          strength_db = measure_signal_strength(
+          prev_freq_obj = init_freq(
             gqrx_sock: gqrx_sock,
-            freq: hz,
-            strength_lock: strength_lock,
-            phase: :find_candidates
+            freq: hz_start,
+            demodulator_mode: demodulator_mode,
+            bandwidth: bandwidth,
+            squelch: squelch,
+            decoder: decoder,
+            suppress_details: true,
+            keep_alive: true
           )
 
-          if strength_db >= strength_lock
-            puts '-' * 86
-            # Find left and right edges of the signal
-            candidate_signals = edge_detection(
-              gqrx_sock: gqrx_sock,
-              hz: hz,
-              step_hz: step_hz,
-              strength_lock: strength_lock
-            )
-          elsif candidate_signals.length.positive?
-            best_peak = find_best_peak(
+          candidate_signals = []
+
+          # Begin scanning range
+          puts "\n"
+          puts '-' * 86
+          puts "INFO: Scanning from #{PWN::SDR.hz_to_s(hz_start)} to #{PWN::SDR.hz_to_s(hz_target)} in steps of #{PWN::SDR.hz_to_s(step_hz_direction.abs)} Hz."
+          puts "If scans are slow and/or you're experiencing false positives/negatives,"
+          puts 'consider adjusting the following:'
+          puts "1. The SDR's sample rate in GQRX"
+          puts "\s\s- Click on `Configure I/O devices`."
+          puts "\s\s- A lower `Input rate` value seems counter-intuitive but works well (e.g. ADALM PLUTO ~ 1000000)."
+          puts '2. Adjust the :strength_lock parameter.'
+          puts '3. Adjust the :precision parameter.'
+          puts '4. Disable AI introspection in PWN::Env'
+          puts 'Happy scanning!'
+          puts '-' * 86
+          puts "\n\n\n"
+
+          signals_arr = []
+          hz = hz_start
+
+          while step_hz_direction.positive? ? hz <= hz_target : hz >= hz_target
+            tune_to(gqrx_sock: gqrx_sock, hz: hz)
+            strength_db = measure_signal_strength(
               gqrx_sock: gqrx_sock,
-              candidate_signals: candidate_signals,
-              step_hz: step_hz,
-              strength_lock: strength_lock
+              freq: hz,
+              strength_lock: strength_lock,
+              phase: :find_candidates
             )
 
-            if best_peak[:hz] && best_peak[:strength_db] > strength_lock
-              puts "\n**** Detected Signal ****"
-              best_freq = PWN::SDR.hz_to_s(best_peak[:hz])
-              best_strength_db = best_peak[:strength_db]
-              prev_freq_obj = init_freq(
+            if strength_db >= strength_lock
+              puts '-' * 86
+              # Find left and right edges of the signal
+              candidate_signals = edge_detection(
                 gqrx_sock: gqrx_sock,
-                freq: best_freq,
-                demodulator_mode: demodulator_mode,
-                bandwidth: bandwidth,
-                squelch: squelch,
-                decoder: decoder,
-                suppress_details: true,
-                keep_alive: true
+                hz: hz,
+                step_hz: step_hz,
+                strength_lock: strength_lock
               )
-              prev_freq_obj[:strength_lock] = strength_lock
-              prev_freq_obj[:strength_db] = best_strength_db
-
-              system_role_content = "Analyze signal data captured by a software-defined-radio using GQRX at the following location: #{location}. Respond with just FCC information about the transmission if available.  If the frequency is unlicensed or not found in FCC records, state that clearly.  Be clear and concise in your analysis."
-              ai_analysis = PWN::AI::Introspection.reflect_on(
-                request: prev_freq_obj.to_json,
-                system_role_content: system_role_content,
-                suppress_pii_warning: true
+            elsif candidate_signals.length.positive?
+              best_peak = find_best_peak(
+                gqrx_sock: gqrx_sock,
+                candidate_signals: candidate_signals,
+                step_hz: step_hz,
+                strength_lock: strength_lock
               )
 
-              prev_freq_obj[:ai_analysis] = ai_analysis unless ai_analysis.nil?
-              puts JSON.pretty_generate(prev_freq_obj)
-              puts '-' * 86
-              puts "\n\n\n"
-              signals_arr.push(prev_freq_obj)
-              log_signals(
-                signals_arr: signals_arr,
-                timestamp_start: timestamp_start,
-                scan_log: scan_log
-              )
-              hz = candidate_signals.last[:hz]
-              # gets
+              if best_peak[:hz] && best_peak[:strength_db] > strength_lock
+                puts "\n**** Detected Signal ****"
+                best_freq = PWN::SDR.hz_to_s(best_peak[:hz])
+                best_strength_db = best_peak[:strength_db]
+                prev_freq_obj = init_freq(
+                  gqrx_sock: gqrx_sock,
+                  freq: best_freq,
+                  demodulator_mode: demodulator_mode,
+                  bandwidth: bandwidth,
+                  squelch: squelch,
+                  decoder: decoder,
+                  suppress_details: true,
+                  keep_alive: true
+                )
+                prev_freq_obj[:strength_lock] = strength_lock
+                prev_freq_obj[:strength_db] = best_strength_db
+
+                system_role_content = "Analyze signal data captured by a software-defined-radio using GQRX at the following location: #{location}. Respond with just FCC information about the transmission if available.  If the frequency is unlicensed or not found in FCC records, state that clearly.  Be clear and concise in your analysis."
+                ai_analysis = PWN::AI::Introspection.reflect_on(
+                  request: prev_freq_obj.to_json,
+                  system_role_content: system_role_content,
+                  suppress_pii_warning: true
+                )
+
+                prev_freq_obj[:ai_analysis] = ai_analysis unless ai_analysis.nil?
+                puts JSON.pretty_generate(prev_freq_obj)
+                puts '-' * 86
+                puts "\n\n\n"
+                signals_arr.push(prev_freq_obj)
+                log_signals(
+                  signals_arr: signals_arr,
+                  timestamp_start: timestamp_start,
+                  scan_log: scan_log
+                )
+                hz = candidate_signals.last[:hz]
+                # gets
+              end
+              candidate_signals.clear
             end
-            candidate_signals.clear
+            hz += step_hz_direction
           end
-          hz += step_hz_direction
-        end
 
-        log_signals(
-          signals_arr: signals_arr,
-          timestamp_start: timestamp_start,
-          scan_log: scan_log
-        )
+          log_signals(
+            signals_arr: signals_arr,
+            timestamp_start: timestamp_start,
+            scan_log: scan_log
+          )
+          break unless keep_looping
+
+          print "\nScan iteration ##{loop_count} complete.  Resuming in 30 seconds.  Press CTRL+C to exit"
+          30.times do
+            print '.'
+            sleep 1
+          end
+          puts "\n"
+          loop_count += 1
+        end
       rescue Interrupt
         puts "\nCTRL+C detected - goodbye."
       rescue StandardError => e
         raise e
       ensure
-        disconnect(gqrx_sock: gqrx_sock)
+        disconnect(gqrx_sock: gqrx_sock) if defined?(gqrx_sock) && gqrx_sock.is_a?(TCPSocket)
       end
 
       # Supported Method Parameters::

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.5.525'
+  VERSION = '0.5.527'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.5.525
+  version: 0.5.527
 platform: ruby
 authors:
 - 0day Inc.