From 54e557afa2d73d9f44fb9e3b2349bbd48e473469 Mon Sep 17 00:00:00 2001
From: Jacob Hoopes
Date: Thu, 14 Mar 2024 15:30:48 -0600
Subject: [PATCH] pwn_gqrx_scanner Driver - implement demodulator mode

---
 README.md | 6 ++---
 bin/pwn_gqrx_scanner | 59 +++++++++++++++++++++++++++++++++-----------
 lib/pwn/version.rb | 2 +-
 3 files changed, 49 insertions(+), 18 deletions(-)

diff --git a/README.md b/README.md
index 1740418..6ddeab2 100644
--- a/README.md
+++ b/README.md
@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.46]:001 >>> PWN.help
+pwn[v0.5.47]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.0@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.46]:001 >>> PWN.help
+pwn[v0.5.47]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.0@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.46]:001 >>> PWN.help
+pwn[v0.5.47]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
diff --git a/bin/pwn_gqrx_scanner b/bin/pwn_gqrx_scanner
index b7d1745..88b6f5d 100755
--- a/bin/pwn_gqrx_scanner
+++ b/bin/pwn_gqrx_scanner
@@ -10,11 +10,15 @@ OptionParser.new do |options|
 #{$PROGRAM_NAME} [opts]
 "
 
- options.on('-sFREQ', '--start-freq=FREQ', '') do |s|
+ options.on('-tFREQ', '--target-freq=FREQ', '') do |s|
 opts[:start_freq] = s
 end
 
- options.on('-tFREQ', '--target-freq=FREQ', '') do |s|
+ options.on('-dMODE', '--demodulator-mode=MODE', '') do |d|
+ opts[:demodulator_mode] = d
+ end
+
+ options.on('-sFREQ', '--start-freq=FREQ', '') do |s|
 opts[:start_freq] = s
 end
 
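Review bot: The new `-t/--target-freq` option still stores its value in `opts[:start_freq]` (the context line under the added `options.on('-tFREQ', ...)`), so it and `-s/--start-freq` write the same key and whichever flag appears last on the command line wins. The scan body in the other hunk reads `opts[:end_freq]` and raises `'ERROR: Invalid end frequency'` when it is unset, and nothing in this hunk sets that key, so presumably the target option was meant to be `opts[:end_freq] = s` — please confirm against the option definitions outside this hunk. The enclosing `OptionParser.new do |options|` block starts and ends outside the hunk.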
@@ -32,44 +36,71 @@ if opts.empty? exit 1 end -def jump_to_freq(opts = {}) +def gqrx_cmd(opts = {}) + # f - Get frequency [Hz] + # F - Set frequency [Hz] + # m - Get demodulator mode + # M - Set demodulator mode (OFF, RAW, AM, FM, WFM, WFM_ST, + # WFM_ST_OIRT, LSB, USB, CW, CWL, CWU) + # l STRENGTH - Get signal strength [dBFS] + # l SQL - Get squelch threshold [dBFS] + # L SQL - Set squelch threshold to [dBFS] + # u RECORD - Get status of audio recorder + # U RECORD - Set status of audio recorder to + # c - Close connection + # AOS - Acquisition of signal (AOS) event, start audio recording + # LOS - Loss of signal (LOS) event, stop audio recording + # \dump_state - Dump state (only usable for compatibility) gqrx_sock = opts[:gqrx_sock] - freq = opts[:freq] + cmd = opts[:cmd] - gqrx_sock.write("F #{freq}\n") + gqrx_sock.write("#{cmd}\n") does_respond = gqrx_sock.wait_readable - gqrx_sock.readline.chomp - - gqrx_sock.write("f\n") - does_respond = gqrx_sock.wait_readable - reached_freq = gqrx_sock.readline.chomp - puts "Reached #{reached_freq}..." + gqrx_sock.readline.chomp if does_respond end begin pwn_provider = 'ruby-gem' - # pwn_provider = ENV.fetch('PWN_PROVIDER') if ENV.keys.select { |s| s == 'PWN_PROVIDER' }.any? pwn_provider = ENV.fetch('PWN_PROVIDER') if ENV.keys.any? { |s| s == 'PWN_PROVIDER' } + demodulator_mode = opts[:demodulator_mode] ||= 'AM' + raise "ERROR: Invalid demodulator mode: #{demodulator_mode}" unless %w[OFF RAW AM FM WFM WFM_ST WFM_ST_OIRT LSB USB CW CWL CWU].include?(demodulator_mode) + + puts "Setting demodulator mode to #{demodulator_mode}..." + demod_resp = gqrx_cmd(gqrx_sock: gqrx_sock, cmd: "M #{demodulator_mode}") + puts demod_resp + start_freq = opts[:start_freq].to_i + start_freq = gqrx_cmd(gqrx_sock: gqrx_sock, cmd: 'f').to_i if start_freq.zero? + end_freq = opts[:end_freq].to_i + raise 'ERROR: Invalid end frequency' if end_freq.zero? + + puts "Scanning from #{start_freq} to #{end_freq}..." 
+ host = opts[:host] ||= '127.0.0.1' port = opts[:port] ||= 7356 + puts "Connecting to GQRX at #{host}:#{port}..." gqrx_sock = PWN::Plugins::Sock.connect(target: host, port: port) # If start value is greater than end value, go in reverse if start_freq > end_freq end_freq.downto(start_freq) do |freq| - jump_to_freq(gqrx_sock: gqrx_sock, freq: freq) + gqrx_cmd(gqrx_sock: gqrx_sock, cmd: "F #{freq}") + resp = gqrx_cmd(gqrx_sock: gqrx_sock, cmd: 'f') + puts "Reached #{resp}..." end else (start_freq..end_freq).each do |freq| puts "Scanning #{freq}..." - jump_to_freq(gqrx_sock: gqrx_sock, freq: freq) + gqrx_cmd(gqrx_sock: gqrx_sock, cmd: "F #{freq}") + resp = gqrx_cmd(gqrx_sock: gqrx_sock, cmd: 'f') + puts "Reached #{resp}..." end end rescue SystemExit, Interrupt puts "\nGoodbye." ensure + resp = gqrx_cmd(gqrx_sock: gqrx_sock, cmd: 'c') gqrx_sock = PWN::Plugins::Sock.disconnect(sock_obj: gqrx_sock) end diff --git a/lib/pwn/version.rb b/lib/pwn/version.rb index 84fd54c..ba11d66 100644 --- a/lib/pwn/version.rb +++ b/lib/pwn/version.rb @@ -1,5 +1,5 @@ # frozen_string_literal: true module PWN - VERSION = '0.5.46' + VERSION = '0.5.47' end
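Review bot: The added `gqrx_cmd(gqrx_sock: gqrx_sock, cmd: "M #{demodulator_mode}")` and the `'f'` query that fills in `start_freq` run before `gqrx_sock = PWN::Plugins::Sock.connect(target: host, port: port)` is executed, so at that point `gqrx_sock` is either an undefined name (Ruby only knows a local once an assignment has been parsed earlier in the scope) or, if some earlier assignment exists outside the hunk, `nil`; either way the first command raises, and the new `gqrx_cmd(gqrx_sock: gqrx_sock, cmd: 'c')` in `ensure` then raises again on the same unset socket and masks the original error. Moving the `host`/`port`/connect lines above the demodulator block and guarding the `ensure` with `if gqrx_sock` fixes both; the rewritten ordering is sketched below. Separately, `gqrx_sock.wait_readable` is called with no timeout, so `does_respond` is never falsy and the `readline.chomp if does_respond` guard cannot take its nil branch — passing a timeout (e.g. `wait_readable(5)`) would make it meaningful, and callers that do `.to_i` on the result should then expect `nil`. The allowlist check on `demodulator_mode` is the right shape for input that is interpolated into a newline-delimited control protocol; `start_freq`/`end_freq` are coerced with `.to_i` so the `"F #{freq}"` interpolation is likewise bounded to integers.
```ruby
begin
  # … unchanged: pwn_provider lookup …

  host = opts[:host] ||= '127.0.0.1'
  port = opts[:port] ||= 7356
  puts "Connecting to GQRX at #{host}:#{port}..."
  gqrx_sock = PWN::Plugins::Sock.connect(target: host, port: port)

  demodulator_mode = opts[:demodulator_mode] ||= 'AM'
  # … unchanged: mode allowlist check, "M" command, start/end frequency setup, scan loops …
rescue SystemExit, Interrupt
  puts "\nGoodbye."
ensure
  if gqrx_sock
    gqrx_cmd(gqrx_sock: gqrx_sock, cmd: 'c')
    gqrx_sock = PWN::Plugins::Sock.disconnect(sock_obj: gqrx_sock)
  end
end
```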