We need to develop a user API endpoint that exposes the various models that allow us to manage users, hash lists, campaigns, word lists, rule lists, and mask lists. It should also expose enough data to allow us to view the status of attacks, campaigns, and agents and download cracked hashes as John the Ripper-compatible pot files.
Objectives:
User Management:
Create endpoints for adding, deleting, and updating user information.
Ensure proper authentication and authorization mechanisms are in place.
Hash Lists Management:
Provide endpoints to upload, list, and delete hash lists.
Enable the association of hash lists with specific campaigns.
Campaigns Management:
Develop endpoints to create, start, pause, and stop campaigns.
Implement functionality for listing active and completed campaigns.
Word Lists, Rule Lists, and Mask Lists Management:
Create endpoints for managing word, rule, and mask lists.
Ensure these lists can be easily associated with campaigns.
Status and Monitoring:
Provide endpoints to retrieve the status of attacks, individual campaigns, and agents.
Implement real-time monitoring features to track the progress of ongoing tasks.
Result Handling:
Develop endpoints for downloading cracked hashes in John the Ripper-compatible pot files.
Ensure secure and efficient data transfer mechanisms.
Expected Behavior:
The API should be robust and handle large datasets efficiently.
Responses should be well-documented, and clear error messages should be provided in case of failures.
The API should be secure, with proper authentication and authorization measures.
Separation of Concerns:
Client API: This is intended for use by agent software and should not be modified or interfered with by the new User API.
User API: This is intended for interactive administrative CLI tools, which have a different intended use from the Client API.
Environment Details:
Language: Ruby
Framework: Ruby on Rails
Dependencies: the API should be an additional set of Rails controllers that accept and provide JSON data using the Rails 7-native technologies.
Additional Context:
This API will be used to develop a CLI tool to facilitate the easier administration of the CipherSwarm system.
Refer to Milestone 0.7 for related tasks and progress.
Steps to Reproduce:
Define the API endpoints and their functionalities.
Implement the endpoints following the outlined objectives.
Test the endpoints to ensure they meet the expected behavior.
We need to develop a user API endpoint that exposes the various models that allow us to manage users, hash lists, campaigns, word lists, rule lists, and mask lists. It should also expose enough data to allow us to view the status of attacks, campaigns, and agents and download cracked hashes as John the Ripper-compatible pot files.
Objectives:
User Management:
Hash Lists Management:
Campaigns Management:
Word Lists, Rule Lists, and Mask Lists Management:
Status and Monitoring:
Result Handling:
Expected Behavior:
Separation of Concerns:
Environment Details:
Additional Context:
Steps to Reproduce: