pwn 0.5.75 → 0.5.77

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1cba5aa01f8984c7ba1ce83fa78dc1d095b4d861396b9232ab3f76b3016006a3
-  data.tar.gz: 7f485302aa1bf96ce268673fb81b954146de4c2ccc9689019e7f511b2f9e025e
+  metadata.gz: 785ee96770cdafec2335a97bebd6ead037c1e101e71034a42ac7a2b2d9e1ad3f
+  data.tar.gz: ec5131e73e7880531e0eb1c7c3d61ba0736c0f8f1f65756a61d9deaf59dc458a
 SHA512:
-  metadata.gz: f7f4289fa20980acead88c2fe8d4229e4e264fd19781b9bfe36992eeff5f9fecabbc8d90d65b508d0eee73ae0277d97a54818cf2c8f9eadac6fbf4ee6719bd05
-  data.tar.gz: 8ed257b5ecf62599422d90dea3fba4e2bf03a8bf5831e793cd91e2fc138bd5cecf820abd477b6f8689b55934e4d4629ab72c9387b62ec812ab35d881591a9bbc
+  metadata.gz: b35076b724a522bd1ea40981ce5d37f1454162b64ba2120217e6b19f26856d8eacb1457032179148a136c375809dd09b7fad4348169e1a8cce8381f6bfe154ae
+  data.tar.gz: 0db05cecffa1a616df0dfc49d7b78e13f2f25099b350f31e24b2f69d534c876490df424b8ab9b7a63de249b0103e34bac58fd8df39c58ca8b41902cb10514978

data/Gemfile

@@ -26,7 +26,7 @@ gem 'colorize', '1.1.0'
 gem 'credit_card_validations', '6.1.0'
 gem 'eventmachine', '1.2.7'
 gem 'executable-hooks', '1.7.1'
-gem 'faker', '3.3.0'
+gem 'faker', '3.3.1'
 gem 'faye-websocket', '0.11.3'
 gem 'ffi', '1.16.3'
 gem 'fftw3', '0.3'
@@ -63,7 +63,7 @@ gem 'pdf-reader', '2.12.0'
 gem 'pg', '1.5.6'
 gem 'pry', '0.14.2'
 gem 'pry-doc', '1.5.0'
-gem 'rake', '13.1.0'
+gem 'rake', '13.2.0'
 gem 'rb-readline', '0.5.5'
 gem 'rbvmomi', '3.0.0'
 gem 'rdoc', '6.6.3.1'
@@ -75,13 +75,13 @@ gem 'rspec', '3.13.0'
 gem 'rtesseract', '3.1.3'
 gem 'rubocop', '1.62.1'
 gem 'rubocop-rake', '0.6.0'
-gem 'rubocop-rspec', '2.27.1'
+gem 'rubocop-rspec', '2.28.0'
 gem 'ruby-audio', '1.6.1'
 gem 'ruby-nmap', '1.0.3'
 gem 'ruby-saml', '1.16.0'
 gem 'rvm', '1.11.3.9'
 gem 'savon', '2.15.0'
-gem 'selenium-devtools', '0.122.0'
+gem 'selenium-devtools', '0.123.0'
 gem 'serialport', '1.3.2'
 # gem 'sinatra', '4.0.0'
 gem 'slack-ruby-client', '2.3.0'

data/README.md

@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.75]:001 >>> PWN.help
+pwn[v0.5.77]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.0@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.75]:001 >>> PWN.help
+pwn[v0.5.77]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.0@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.75]:001 >>> PWN.help
+pwn[v0.5.77]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`.  The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:

data/bin/pwn_defectdojo_importscan

@@ -38,6 +38,10 @@ OptionParser.new do |options|
     opts[:file] = f
   end
 
+  options.on('-TNAME', '--test-title=NAME', '<Optional - name of test to associate w/ scan type (Defaults to --scan-type value>') do |t|
+    opts[:test_title] = t
+  end
+
   options.on('-lUSER', '--lead-username=USER', '<Optional - username of lead to tie to engagement (Defaults to username)>') do |l|
     opts[:lead_username] = l
   end
@@ -58,6 +62,10 @@ OptionParser.new do |options|
     opts[:verified] = v
   end
 
+  options.on('-G', '--group-by', '<Optional - group findings by "component_name" || "component_name+component_version" || "file_path" || "finding_title" (defaults to nil)') do |g|
+    opts[:group_by] = g
+  end
+
   options.on('-g', '--create-finding-groups', '<Optional - group similar findings into one finding (defaults to false)') do |g|
     opts[:create_finding_groups] = g
   end
@@ -91,10 +99,12 @@ engagement_name = opts[:engagement_name]
 scan_type = opts[:scan_type]
 file = opts[:file]
 opts[:lead_username] ? (lead_username = opts[:lead_username]) : (lead_username = username)
+test_title = opts[:test_title]
 tags = opts[:tags]
 minimum_severity = opts[:minimum_severity]
 scan_date = opts[:scan_date]
 verified = opts[:verified]
+group_by = opts[:group_by]
 create_findings_groups = opts[:create_finding_groups]
 close_old_findings_product_scope = opts[:close_old_findings_product_scope]
 close_old_findings = opts[:close_old_findings]
@@ -113,11 +123,13 @@ begin
     engagement_name: engagement_name,
     scan_type: scan_type,
     file: file,
+    test_title: test_title,
     lead_username: lead_username,
     tags: tags,
     minimum_severity: minimum_severity,
     scan_date: scan_date,
     verified: verified,
+    group_by: group_by,
     create_findings_groups: create_findings_groups,
     close_old_findings_product_scope: close_old_findings_product_scope,
     close_old_findings: close_old_findings,

data/bin/pwn_gqrx_scanner

@@ -73,282 +73,6 @@ if opts.empty?
   exit 1
 end
 
-def gqrx_cmd(opts = {})
-  gqrx_sock = opts[:gqrx_sock]
-  cmd = opts[:cmd]
-  resp_ok = opts[:resp_ok]
-
-  # Most Recent GQRX Command Set:
-  # https://raw.githubusercontent.com/gqrx-sdr/gqrx/master/resources/remote-control.txt
-  # Supported commands:
-  #  f Get frequency [Hz]
-  #  F <frequency> Set frequency [Hz]
-  #  m Get demodulator mode and passband
-  #  M <mode> [passband]
-  #     Set demodulator mode and passband [Hz]
-  #     Passing a '?' as the first argument instead of 'mode' will return
-  #     a space separated list of radio backend supported modes.
-  #  l|L ?
-  #     Get a space separated list of settings available for reading (l) or writing (L).
-  #  l STRENGTH
-  #     Get signal strength [dBFS]
-  #  l SQL
-  #     Get squelch threshold [dBFS]
-  #  L SQL <sql>
-  #     Set squelch threshold to <sql> [dBFS]
-  #  l AF
-  #     Get audio gain [dB]
-  #  L AF <gain>
-  #     Set audio gain to <gain> [dB]
-  #  l <gain_name>_GAIN
-  #     Get the value of the gain setting with the name <gain_name>
-  #  L <gain_name>_GAIN <value>
-  #     Set the value of the gain setting with the name <gain_name> to <value>
-  #  p RDS_PI
-  #     Get the RDS PI code (in hexadecimal). Returns 0000 if not applicable.
-  #  u RECORD
-  #     Get status of audio recorder
-  #  U RECORD <status>
-  #     Set status of audio recorder to <status>
-  #  u DSP
-  #     Get DSP (SDR receiver) status
-  #  U DSP <status>
-  #     Set DSP (SDR receiver) status to <status>
-  #  u RDS
-  #     Get RDS decoder to <status>.  Only functions in WFM mode.
-  #  U RDS <status>
-  #     Set RDS decoder to <status>.  Only functions in WFM mode.
-  #  q|Q
-  #     Close connection
-  #  AOS
-  #     Acquisition of signal (AOS) event, start audio recording
-  #  LOS
-  #     Loss of signal (LOS) event, stop audio recording
-  #  LNB_LO [frequency]
-  #     If frequency [Hz] is specified set the LNB LO frequency used for
-  #     display. Otherwise print the current LNB LO frequency [Hz].
-  #  \chk_vfo
-  #     Get VFO option status (only usable for hamlib compatibility)
-  #  \dump_state
-  #     Dump state (only usable for hamlib compatibility)
-  #  \get_powerstat
-  #     Get power status (only usable for hamlib compatibility)
-  #  v
-  #     Get 'VFO' (only usable for hamlib compatibility)
-  #  V
-  #     Set 'VFO' (only usable for hamlib compatibility)
-  #  s
-  #     Get 'Split' mode (only usable for hamlib compatibility)
-  #  S
-  #     Set 'Split' mode (only usable for hamlib compatibility)
-  #  _
-  #     Get version
-  #
-  # Reply:
-  #  RPRT 0
-  #     Command successful
-  #  RPRT 1
-  #     Command failed
-
-  gqrx_sock.write("#{cmd}\n")
-  response = []
-  got_freq = false
-  # Read all responses from gqrx_sock.write
-  timeout = 0.001 if timeout.nil?
-
-  begin
-    response.push(gqrx_sock.readline.chomp) while gqrx_sock.wait_readable(timeout)
-    raise IOError if response.empty?
-  rescue IOError
-    timeout += 0.001
-    retry
-  end
-
-  got_int_value_in_resp = true if response.first.to_i.positive?
-  response = response.first if response.length == 1
-
-  raise "ERROR!!! Command: #{cmd} Expected Resp: #{resp_ok}, Got: #{response}" if resp_ok && response != resp_ok
-
-  if got_int_value_in_resp
-    fixed_len_freq = format('%0.12d', response.to_i)
-    freq_segments = fixed_len_freq.scan(/.{3}/)
-    first_non_zero_index = freq_segments.index { |s| s.to_i.positive? }
-    freq_segments = freq_segments[first_non_zero_index..-1]
-    freq_segments[0] = freq_segments.first.to_i.to_s
-    response = freq_segments.join('.')
-  end
-
-  # DEBUG
-  # puts response.inspect
-  # puts response.length
-
-  response
-rescue RuntimeError => e
-  puts 'WARNING: RF Gain is not supported by the radio backend.' if e.message.include?('Command: L RF_GAIN')
-  puts 'WARNING: Intermediate Gain is not supported by the radio backend.' if e.message.include?('Command: L IF_GAIN')
-  puts 'WARNING: Baseband Gain is not supported by the radio backend.' if e.message.include?('Command: L BB_GAIN')
-
-  raise e unless e.message.include?('Command: L RF_GAIN') ||
-                 e.message.include?('Command: L IF_GAIN') ||
-                 e.message.include?('Command: L BB_GAIN')
-end
-
-def init_freq(opts = {})
-  gqrx_sock = opts[:gqrx_sock]
-  demodulator_mode = opts[:demodulator_mode]
-  bandwidth = opts[:bandwidth]
-  this_freq = opts[:this_freq]
-  lock_freq_duration = opts[:lock_freq_duration]
-  strength_lock = opts[:strength_lock]
-
-  demod_n_passband = gqrx_cmd(
-    gqrx_sock: gqrx_sock,
-    cmd: 'm'
-  )
-
-  change_freq_resp = gqrx_cmd(
-    gqrx_sock: gqrx_sock,
-    cmd: "F #{this_freq}",
-    resp_ok: 'RPRT 0'
-  )
-
-  current_freq = gqrx_cmd(
-    gqrx_sock: gqrx_sock,
-    cmd: 'f'
-  )
-
-  audio_gain_db = gqrx_cmd(
-    gqrx_sock: gqrx_sock,
-    cmd: 'l AF'
-  ).to_f
-
-  current_strength = gqrx_cmd(
-    gqrx_sock: gqrx_sock,
-    cmd: 'l STRENGTH'
-  ).to_f
-
-  current_squelch = gqrx_cmd(
-    gqrx_sock: gqrx_sock,
-    cmd: 'l SQL'
-  ).to_f
-
-  rf_gain = gqrx_cmd(
-    gqrx_sock: gqrx_sock,
-    cmd: 'l RF_GAIN'
-  ).to_f
-
-  if_gain = gqrx_cmd(
-    gqrx_sock: gqrx_sock,
-    cmd: 'l IF_GAIN'
-  ).to_f
-
-  bb_gain = gqrx_cmd(
-    gqrx_sock: gqrx_sock,
-    cmd: 'l BB_GAIN'
-  ).to_f
-
-  init_freq_hash = {
-    demod_mode_n_passband: demod_n_passband,
-    frequency: current_freq,
-    bandwidth: bandwidth,
-    audio_gain_db: audio_gain_db,
-    squelch: current_squelch,
-    rf_gain: rf_gain,
-    if_gain: if_gain,
-    bb_gain: bb_gain,
-    strength: current_strength,
-    strength_lock: strength_lock,
-    lock_freq_duration: lock_freq_duration
-  }
-
-  print '.'
-  sleep lock_freq_duration if current_strength > strength_lock
-
-  init_freq_hash
-end
-
-def scan_range(opts = {})
-  gqrx_sock = opts[:gqrx_sock]
-  demodulator_mode = opts[:demodulator_mode]
-  bandwidth = opts[:bandwidth]
-  start_freq = opts[:start_freq]
-  target_freq = opts[:target_freq]
-  precision = opts[:precision]
-  lock_freq_duration = opts[:lock_freq_duration]
-  strength_lock = opts[:strength_lock]
-
-  multiplier = 10**(precision - 1)
-  prev_freq_hash = {
-    demod_mode_n_passband: demodulator_mode,
-    frequency: start_freq,
-    bandwidth: bandwidth,
-    audio_gain_db: 0.0,
-    squelch: 0.0,
-    rf_gain: 0.0,
-    if_gain: 0.0,
-    bb_gain: 0.0,
-    strength: 0.0,
-    strength_lock: strength_lock,
-    lock_freq_duration: lock_freq_duration
-  }
-  if start_freq > target_freq
-    start_freq.downto(target_freq) do |this_freq|
-      next unless (this_freq % multiplier).zero?
-
-      init_freq_hash = init_freq(
-        gqrx_sock: gqrx_sock,
-        demodulator_mode: demodulator_mode,
-        bandwidth: bandwidth,
-        this_freq: this_freq,
-        lock_freq_duration: lock_freq_duration,
-        strength_lock: strength_lock
-      )
-
-      current_strength = init_freq_hash[:strength]
-      prev_strength = prev_freq_hash[:strength]
-      prev_freq = prev_freq_hash[:frequency]
-
-      approaching_detection = true if current_strength > prev_strength &&
-                                      current_strength > strength_lock
-      if approaching_detection && current_strength <= prev_strength
-        puts "\n**** Found a signal ~ #{prev_freq} Hz ****"
-        puts JSON.pretty_generate(prev_freq_hash)
-        approaching_detection = false
-      end
-
-      prev_freq_hash = init_freq_hash
-    end
-  else
-    this_freq = start_freq
-    while this_freq <= target_freq
-      init_freq_hash = init_freq(
-        gqrx_sock: gqrx_sock,
-        demodulator_mode: demodulator_mode,
-        bandwidth: bandwidth,
-        this_freq: this_freq,
-        lock_freq_duration: lock_freq_duration,
-        strength_lock: strength_lock
-      )
-
-      current_strength = init_freq_hash[:strength]
-      prev_strength = prev_freq_hash[:strength]
-      prev_freq = prev_freq_hash[:frequency]
-
-      approaching_detection = true if current_strength > prev_strength &&
-                                      current_strength > strength_lock
-      if approaching_detection && current_strength < prev_strength
-        puts "\n**** Discovered a signal ~ #{prev_freq} Hz ****"
-        puts JSON.pretty_generate(prev_freq_hash)
-        approaching_detection = false
-      end
-
-      prev_freq_hash = init_freq_hash
-
-      this_freq += multiplier
-    end
-  end
-end
-
 begin
   pwn_provider = 'ruby-gem'
   pwn_provider = ENV.fetch('PWN_PROVIDER') if ENV.keys.any? { |s| s == 'PWN_PROVIDER' }
@@ -358,11 +82,11 @@ begin
   target_freq = target_freq.to_i
   raise "ERROR: Invalid target frequency #{target_freq}" if target_freq.zero?
 
-  host = opts[:host] ||= '127.0.0.1'
-  port = opts[:port] ||= 7356
+  host = opts[:host]
+  port = opts[:port]
 
   puts "Connecting to GQRX at #{host}:#{port}..."
-  gqrx_sock = PWN::Plugins::Sock.connect(target: host, port: port)
+  gqrx_sock = PWN::Plugins::GQRX.connect(target: host, port: port)
 
   start_freq = opts[:start_freq]
   start_freq = start_freq.to_s.delete('.') unless start_freq.nil?
@@ -377,7 +101,7 @@ begin
 
   puts "Setting demodulator mode to #{demodulator_mode} and bandwidth to #{bandwidth}..."
   bandwidth = bandwidth.to_s.delete('.').to_i unless bandwidth.nil?
-  demod_resp = gqrx_cmd(
+  demod_resp = PWN::Plugins::GQRX.gqrx_cmd(
     gqrx_sock: gqrx_sock,
     cmd: "M #{demodulator_mode} #{bandwidth}",
     resp_ok: 'RPRT 0'
@@ -385,7 +109,7 @@ begin
 
   audio_gain_db = opts[:audio_gain_db] ||= 1.0
   audio_gain_db = audio_gain_db.to_f
-  audio_gain_db_resp = gqrx_cmd(
+  audio_gain_db_resp = PWN::Plugins::GQRX.gqrx_cmd(
     gqrx_sock: gqrx_sock,
     cmd: "L AF #{audio_gain_db}",
     resp_ok: 'RPRT 0'
@@ -393,7 +117,7 @@ begin
 
   squelch = opts[:squelch] ||= -63.0
   squelch = squelch.to_f
-  squelch_resp = gqrx_cmd(
+  squelch_resp = PWN::Plugins::GQRX.gqrx_cmd(
     gqrx_sock: gqrx_sock,
     cmd: "L SQL #{squelch}",
     resp_ok: 'RPRT 0'
@@ -411,7 +135,7 @@ begin
 
   rf_gain = opts[:rf_gain] ||= 0.0
   rf_gain = rf_gain.to_f
-  rf_gain_resp = gqrx_cmd(
+  rf_gain_resp = PWN::Plugins::GQRX.gqrx_cmd(
     gqrx_sock: gqrx_sock,
     cmd: "L RF_GAIN #{rf_gain}",
     resp_ok: 'RPRT 0'
@@ -419,7 +143,7 @@ begin
 
   intermediate_gain = opts[:intermediate_gain] ||= 32.0
   intermediate_gain = intermediate_gain.to_f
-  intermediate_resp = gqrx_cmd(
+  intermediate_resp = PWN::Plugins::GQRX.gqrx_cmd(
     gqrx_sock: gqrx_sock,
     cmd: "L IF_GAIN #{intermediate_gain}",
     resp_ok: 'RPRT 0'
@@ -427,7 +151,7 @@ begin
 
   baseband_gain = opts[:baseband_gain] ||= 10.0
   baseband_gain = baseband_gain.to_f
-  baseband_resp = gqrx_cmd(
+  baseband_resp = PWN::Plugins::GQRX.gqrx_cmd(
     gqrx_sock: gqrx_sock,
     cmd: "L BB_GAIN #{baseband_gain}",
     resp_ok: 'RPRT 0'
@@ -437,7 +161,7 @@ begin
   t_freq_pretty = target_freq.to_s.chars.insert(-4, '.').insert(-8, '.').join
   puts "*** Scanning from #{s_freq_pretty} to #{t_freq_pretty}\n\n\n"
 
-  scan_range(
+  PWN::Plugins::GQRX.scan_range(
     gqrx_sock: gqrx_sock,
     demodulator_mode: demodulator_mode,
     bandwidth: bandwidth,
@@ -454,5 +178,5 @@ rescue StandardError => e
 rescue Interrupt, SystemExit
   puts "\nGoodbye."
 ensure
-  gqrx_sock = PWN::Plugins::Sock.disconnect(sock_obj: gqrx_sock)
+  gqrx_sock = PWN::Plugins::GQRX.disconnect(gqrx_sock: gqrx_sock)
 end

data/lib/pwn/plugins/defect_dojo.rb

@@ -432,6 +432,8 @@ module PWN
         http_body[:multipart] = true
         http_body[:file] = File.new(opts[:file].to_s.strip.chomp.scrub, 'rb') if File.exist?(opts[:file].to_s.strip.chomp.scrub)
 
+        http_body[:test_title] = opts[:test_title]
+
         # Ok lets determine the resource_uri for the lead username
         lead_username = opts[:lead_username].to_s.strip.chomp.scrub
         user_list = self.user_list(dd_obj: dd_obj)
@@ -469,6 +471,19 @@ module PWN
         # Defaults to false
         opts[:verified] ? (http_body[:verified] = true) : (http_body[:verified] = false)
 
+        valid_group_by = %w[
+          component_name
+          component_name+compoent_version
+          file_path
+          finding_title
+        ]
+
+        group_by = opts[:group_by]
+        # If group_by is set, ensure we have a valid group_by value
+        raise "ERROR: Invalid group_by value: #{group_by}.  Options are 'product' or 'engagement'" unless valid_group_by.include?(group_by) || group_by.nil?
+
+        http_body[:group_by] = group_by if group_by
+
         opts[:create_finding_groups] ? (http_body[:create_finding_groups_for_all_findings] = true) : (http_body[:create_finding_groups_for_all_findings] = false)
 
         opts[:close_old_findings_product_scope] ? (http_body[:close_old_findings_product_scope] = true) : (http_body[:close_old_findings_product_scope] = false)

data/lib/pwn/plugins/gqrx.rb

@@ -0,0 +1,361 @@
+# frozen_string_literal: true
+
+require 'open3'
+
+module PWN
+  module Plugins
+    # This plugin interacts with the remote control interface of GQRX.
+    module GQRX
+      # Supported Method Parameters::
+      # gqrx_sock = PWN::Plugins::GQRX.connect(
+      #   target: 'optional - GQRX target IP address (defaults to 127.0.0.1)',
+      #   port: 'optional - GQRX target port (defaults to 7356)'
+      # )
+      public_class_method def self.connect(opts = {})
+        target = opts[:target] ||= '127.0.0.1'
+        port = opts[:port] ||= 7356
+
+        PWN::Plugins::Sock.connect(target: target, port: port)
+      rescue StandardError => e
+        raise e
+      end
+
+      # Supported Method Parameters::
+      # gqrx_resp = PWN::Plugins::GQRX.gqrx_cmd(
+      #   gqrx_sock: 'required - GQRX socket object returned from #connect method',
+      #   cmd: 'required - GQRX command to execute'
+      #   resp_ok: 'optional - Expected response from GQRX to indicate success'
+      # )
+
+      public_class_method def self.gqrx_cmd(opts = {})
+        gqrx_sock = opts[:gqrx_sock]
+        cmd = opts[:cmd]
+        resp_ok = opts[:resp_ok]
+
+        # Most Recent GQRX Command Set:
+        # https://raw.githubusercontent.com/gqrx-sdr/gqrx/master/resources/remote-control.txt
+        # Supported commands:
+        #  f Get frequency [Hz]
+        #  F <frequency> Set frequency [Hz]
+        #  m Get demodulator mode and passband
+        #  M <mode> [passband]
+        #     Set demodulator mode and passband [Hz]
+        #     Passing a '?' as the first argument instead of 'mode' will return
+        #     a space separated list of radio backend supported modes.
+        #  l|L ?
+        #     Get a space separated list of settings available for reading (l) or writing (L).
+        #  l STRENGTH
+        #     Get signal strength [dBFS]
+        #  l SQL
+        #     Get squelch threshold [dBFS]
+        #  L SQL <sql>
+        #     Set squelch threshold to <sql> [dBFS]
+        #  l AF
+        #     Get audio gain [dB]
+        #  L AF <gain>
+        #     Set audio gain to <gain> [dB]
+        #  l <gain_name>_GAIN
+        #     Get the value of the gain setting with the name <gain_name>
+        #  L <gain_name>_GAIN <value>
+        #     Set the value of the gain setting with the name <gain_name> to <value>
+        #  p RDS_PI
+        #     Get the RDS PI code (in hexadecimal). Returns 0000 if not applicable.
+        #  u RECORD
+        #     Get status of audio recorder
+        #  U RECORD <status>
+        #     Set status of audio recorder to <status>
+        #  u DSP
+        #     Get DSP (SDR receiver) status
+        #  U DSP <status>
+        #     Set DSP (SDR receiver) status to <status>
+        #  u RDS
+        #     Get RDS decoder to <status>.  Only functions in WFM mode.
+        #  U RDS <status>
+        #     Set RDS decoder to <status>.  Only functions in WFM mode.
+        #  q|Q
+        #     Close connection
+        #  AOS
+        #     Acquisition of signal (AOS) event, start audio recording
+        #  LOS
+        #     Loss of signal (LOS) event, stop audio recording
+        #  LNB_LO [frequency]
+        #     If frequency [Hz] is specified set the LNB LO frequency used for
+        #     display. Otherwise print the current LNB LO frequency [Hz].
+        #  \chk_vfo
+        #     Get VFO option status (only usable for hamlib compatibility)
+        #  \dump_state
+        #     Dump state (only usable for hamlib compatibility)
+        #  \get_powerstat
+        #     Get power status (only usable for hamlib compatibility)
+        #  v
+        #     Get 'VFO' (only usable for hamlib compatibility)
+        #  V
+        #     Set 'VFO' (only usable for hamlib compatibility)
+        #  s
+        #     Get 'Split' mode (only usable for hamlib compatibility)
+        #  S
+        #     Set 'Split' mode (only usable for hamlib compatibility)
+        #  _
+        #     Get version
+        #
+        # Reply:
+        #  RPRT 0
+        #     Command successful
+        #  RPRT 1
+        #     Command failed
+
+        gqrx_sock.write("#{cmd}\n")
+        response = []
+        got_freq = false
+        # Read all responses from gqrx_sock.write
+        timeout = 0.001 if timeout.nil?
+
+        begin
+          response.push(gqrx_sock.readline.chomp) while gqrx_sock.wait_readable(timeout)
+          raise IOError if response.empty?
+        rescue IOError
+          timeout += 0.001
+          retry
+        end
+
+        got_int_value_in_resp = true if response.first.to_i.positive?
+        response = response.first if response.length == 1
+
+        raise "ERROR!!! Command: #{cmd} Expected Resp: #{resp_ok}, Got: #{response}" if resp_ok && response != resp_ok
+
+        if got_int_value_in_resp
+          fixed_len_freq = format('%0.12d', response.to_i)
+          freq_segments = fixed_len_freq.scan(/.{3}/)
+          first_non_zero_index = freq_segments.index { |s| s.to_i.positive? }
+          freq_segments = freq_segments[first_non_zero_index..-1]
+          freq_segments[0] = freq_segments.first.to_i.to_s
+          response = freq_segments.join('.')
+        end
+
+        # DEBUG
+        # puts response.inspect
+        # puts response.length
+
+        response
+      rescue RuntimeError => e
+        puts 'WARNING: RF Gain is not supported by the radio backend.' if e.message.include?('Command: L RF_GAIN')
+        puts 'WARNING: Intermediate Gain is not supported by the radio backend.' if e.message.include?('Command: L IF_GAIN')
+        puts 'WARNING: Baseband Gain is not supported by the radio backend.' if e.message.include?('Command: L BB_GAIN')
+
+        raise e unless e.message.include?('Command: L RF_GAIN') ||
+                       e.message.include?('Command: L IF_GAIN') ||
+                       e.message.include?('Command: L BB_GAIN')
+      rescue StandardError => e
+        raise e
+      end
+
+      # Supported Method Parameters::
+      # PWN::Plugins::GQRX.init_freq(
+      #   gqrx_sock: 'required - GQRX socket object returned from #connect method',
+      #   freq: 'required - Frequency to set',
+      #   demodulator_mode: 'optional - Demodulator mode (defaults to WFM)',
+      #   bandwidth: 'optional - Bandwidth (defaults to 200000)',
+      #   lock_freq_duration: 'optional - Lock frequency duration (defaults to 0.5)',
+      #   strength_lock: 'optional - Strength lock (defaults to -60.0)'
+      # )
+      public_class_method def self.init_freq(opts = {})
+        gqrx_sock = opts[:gqrx_sock]
+        freq = opts[:freq]
+        demodulator_mode = opts[:demodulator_mode]
+        bandwidth = opts[:bandwidth]
+        lock_freq_duration = opts[:lock_freq_duration]
+        strength_lock = opts[:strength_lock]
+
+        demod_n_passband = gqrx_cmd(
+          gqrx_sock: gqrx_sock,
+          cmd: 'm'
+        )
+
+        change_freq_resp = gqrx_cmd(
+          gqrx_sock: gqrx_sock,
+          cmd: "F #{freq}",
+          resp_ok: 'RPRT 0'
+        )
+
+        current_freq = gqrx_cmd(
+          gqrx_sock: gqrx_sock,
+          cmd: 'f'
+        )
+
+        audio_gain_db = gqrx_cmd(
+          gqrx_sock: gqrx_sock,
+          cmd: 'l AF'
+        ).to_f
+
+        current_strength = gqrx_cmd(
+          gqrx_sock: gqrx_sock,
+          cmd: 'l STRENGTH'
+        ).to_f
+
+        current_squelch = gqrx_cmd(
+          gqrx_sock: gqrx_sock,
+          cmd: 'l SQL'
+        ).to_f
+
+        rf_gain = gqrx_cmd(
+          gqrx_sock: gqrx_sock,
+          cmd: 'l RF_GAIN'
+        ).to_f
+
+        if_gain = gqrx_cmd(
+          gqrx_sock: gqrx_sock,
+          cmd: 'l IF_GAIN'
+        ).to_f
+
+        bb_gain = gqrx_cmd(
+          gqrx_sock: gqrx_sock,
+          cmd: 'l BB_GAIN'
+        ).to_f
+
+        init_freq_hash = {
+          demod_mode_n_passband: demod_n_passband,
+          frequency: current_freq,
+          bandwidth: bandwidth,
+          audio_gain_db: audio_gain_db,
+          squelch: current_squelch,
+          rf_gain: rf_gain,
+          if_gain: if_gain,
+          bb_gain: bb_gain,
+          strength: current_strength,
+          strength_lock: strength_lock,
+          lock_freq_duration: lock_freq_duration
+        }
+
+        print '.'
+        sleep lock_freq_duration if current_strength > strength_lock
+
+        init_freq_hash
+      rescue StandardError => e
+        raise e
+      end
+
+      # Supported Method Parameters::
+      # PWN::Plugins::GQRX.scan_range(
+      #   gqrx_sock: 'required - GQRX socket object returned from #connect method',
+      #   demodulator_mode: 'required - Demodulator mode',
+      #   bandwidth: 'required - Bandwidth',
+      #   start_freq: 'required - Starting frequency',
+      #   target_freq: 'required - Target frequency',
+      #   precision: 'required - Precision',
+      #   lock_freq_duration: 'optional - Lock frequency duration (defaults to 0.5)',
+      #   strength_lock: 'optional - Strength lock (defaults to -60.0)'
+      # )
+
+      public_class_method def self.scan_range(opts = {})
+        gqrx_sock = opts[:gqrx_sock]
+        demodulator_mode = opts[:demodulator_mode]
+        bandwidth = opts[:bandwidth]
+        start_freq = opts[:start_freq]
+        target_freq = opts[:target_freq]
+        precision = opts[:precision]
+        lock_freq_duration = opts[:lock_freq_duration]
+        strength_lock = opts[:strength_lock]
+
+        multiplier = 10**(precision - 1)
+        prev_freq_hash = {
+          demod_mode_n_passband: demodulator_mode,
+          frequency: start_freq,
+          bandwidth: bandwidth,
+          audio_gain_db: 0.0,
+          squelch: 0.0,
+          rf_gain: 0.0,
+          if_gain: 0.0,
+          bb_gain: 0.0,
+          strength: 0.0,
+          strength_lock: strength_lock,
+          lock_freq_duration: lock_freq_duration
+        }
+        if start_freq > target_freq
+          start_freq.downto(target_freq) do |freq|
+            next unless (freq % multiplier).zero?
+
+            init_freq_hash = init_freq(
+              gqrx_sock: gqrx_sock,
+              freq: freq,
+              demodulator_mode: demodulator_mode,
+              bandwidth: bandwidth,
+              lock_freq_duration: lock_freq_duration,
+              strength_lock: strength_lock
+            )
+
+            current_strength = init_freq_hash[:strength]
+            prev_strength = prev_freq_hash[:strength]
+            prev_freq = prev_freq_hash[:frequency]
+
+            approaching_detection = true if current_strength > prev_strength &&
+                                            current_strength > strength_lock
+            if approaching_detection && current_strength <= prev_strength
+              puts "\n**** Found a signal ~ #{prev_freq} Hz ****"
+              puts JSON.pretty_generate(prev_freq_hash)
+              approaching_detection = false
+            end
+
+            prev_freq_hash = init_freq_hash
+          end
+        else
+          freq = start_freq
+          while freq <= target_freq
+            init_freq_hash = init_freq(
+              gqrx_sock: gqrx_sock,
+              demodulator_mode: demodulator_mode,
+              bandwidth: bandwidth,
+              freq: freq,
+              lock_freq_duration: lock_freq_duration,
+              strength_lock: strength_lock
+            )
+
+            current_strength = init_freq_hash[:strength]
+            prev_strength = prev_freq_hash[:strength]
+            prev_freq = prev_freq_hash[:frequency]
+
+            approaching_detection = true if current_strength > prev_strength &&
+                                            current_strength > strength_lock
+            if approaching_detection && current_strength < prev_strength
+              puts "\n**** Discovered a signal ~ #{prev_freq} Hz ****"
+              puts JSON.pretty_generate(prev_freq_hash)
+              approaching_detection = false
+            end
+
+            prev_freq_hash = init_freq_hash
+
+            freq += multiplier
+          end
+        end
+      end
+
+      # Supported Method Parameters::
+      # PWN::Plugins::GQRX.disconnect(
+      #   gqrx_sock: 'required - GQRX socket object returned from #connect method'
+      # )
+      public_class_method def self.disconnect(opts = {})
+        gqrx_sock = opts[:gqrx_sock]
+
+        PWN::Plugins::Sock.disconnect(sock_obj: gqrx_sock)
+      rescue StandardError => e
+        raise e
+      end
+
+      # Author(s):: 0day Inc. <request.pentest@0dayinc.com>
+
+      public_class_method def self.authors
+        "AUTHOR(S):
+          0day Inc. <request.pentest@0dayinc.com>
+        "
+      end
+
+      # Display Usage for this Module
+
+      public_class_method def self.help
+        puts "USAGE:
+
+          #{self}.authors
+        "
+      end
+    end
+  end
+end

data/lib/pwn/plugins.rb

@@ -28,6 +28,7 @@ module PWN
     autoload :Fuzz, 'pwn/plugins/fuzz'
     autoload :Git, 'pwn/plugins/git'
     autoload :Github, 'pwn/plugins/github'
+    autoload :GQRX, 'pwn/plugins/gqrx'
     autoload :HackerOne, 'pwn/plugins/hacker_one'
     autoload :IBMAppscan, 'pwn/plugins/ibm_appscan'
     autoload :IPInfo, 'pwn/plugins/ip_info'

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.5.75'
+  VERSION = '0.5.77'
 end

data/spec/lib/pwn/plugins/gqrx_spec.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe PWN::Plugins::GQRX do
+  it 'should display information for authors' do
+    authors_response = PWN::Plugins::GQRX
+    expect(authors_response).to respond_to :authors
+  end
+
+  it 'should display information for existing help method' do
+    help_response = PWN::Plugins::GQRX
+    expect(help_response).to respond_to :help
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.5.75
+  version: 0.5.77
 platform: ruby
 authors:
 - 0day Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-03-26 00:00:00.000000000 Z
+date: 2024-04-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -212,14 +212,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.3.0
+        version: 3.3.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.3.0
+        version: 3.3.1
 - !ruby/object:Gem::Dependency
   name: faye-websocket
   requirement: !ruby/object:Gem::Requirement
@@ -716,14 +716,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 13.1.0
+        version: 13.2.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 13.1.0
+        version: 13.2.0
 - !ruby/object:Gem::Dependency
   name: rb-readline
   requirement: !ruby/object:Gem::Requirement
@@ -884,14 +884,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.27.1
+        version: 2.28.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.27.1
+        version: 2.28.0
 - !ruby/object:Gem::Dependency
   name: ruby-audio
   requirement: !ruby/object:Gem::Requirement
@@ -968,14 +968,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.122.0
+        version: 0.123.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.122.0
+        version: 0.123.0
 - !ruby/object:Gem::Dependency
   name: serialport
   requirement: !ruby/object:Gem::Requirement
@@ -1758,6 +1758,7 @@ files:
 - lib/pwn/plugins/fuzz.rb
 - lib/pwn/plugins/git.rb
 - lib/pwn/plugins/github.rb
+- lib/pwn/plugins/gqrx.rb
 - lib/pwn/plugins/hacker_one.rb
 - lib/pwn/plugins/ibm_appscan.rb
 - lib/pwn/plugins/ip_info.rb
@@ -2087,6 +2088,7 @@ files:
 - spec/lib/pwn/plugins/fuzz_spec.rb
 - spec/lib/pwn/plugins/git_spec.rb
 - spec/lib/pwn/plugins/github_spec.rb
+- spec/lib/pwn/plugins/gqrx_spec.rb
 - spec/lib/pwn/plugins/hacker_one_spec.rb
 - spec/lib/pwn/plugins/ibm_appscan_spec.rb
 - spec/lib/pwn/plugins/ip_info_spec.rb