API

This document provides an overview and documentation for the API implemented in the provided code. The API allows clients to interact with a server for managing agents and uploading files.

Base URL

The API create its own nodejs server at this address

http://localhost:5000/

Endpoints

Create a New Agent

{
  "data": {
    "id": "<agentId>",
    "publicKey": "<publicKey>"
  },
  "error": {}
}
POST /api/agent/new HTTP/1.1
Host: localhost:5000
Content-Type: application/json

{
  "versionOS": "1.0",
  "host": "example.com",
  "hookUser": "john.doe"
}

Upload a File

{
  "data": {
    "success": "<filename> uploaded successfully."
  },
  "error": {}
}
POST /api/file/upload/123 HTTP/1.1
Host: localhost:5000
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW

------WebKitFormBoundary7MA4YWxkTrZu0gW
Content-Disposition: form-data; name="file"; filename="example.txt"
Content-Type: text/plain

This is the content of the file.

------WebKitFormBoundary7MA4YWxkTrZu0gW--

Database Connection

The API connects to a MySQL database for storing agent information. The database connection details are specified using environment variables:

User Folder Creation

The API creates a folder named /CTHULHU/users if it doesn't already exist. Additionally, for each agent created, a user-specific folder is created within /CTHULHU/users.

Folder Structure

The folder structure is as follows:

Folder Creation Process

When a new agent is created, the API performs the following steps:

  1. Checks if the /CTHULHU/users folder exists.
  2. If the folder doesn't exist, it is created.
  3. Creates a user-specific folder within /CTHULHU/users for the agent using the agent's ID.

Example

Let's assume that the API receives a request to create a new agent with the ID 123. Here's the folder creation process:

  1. The API checks if the /CTHULHU/users folder exists.
  2. If the folder doesn't exist, it creates the /CTHULHU/users folder.
  3. The API creates a user-specific folder named /CTHULHU/users/123 for the agent with ID 123.

The created folder structure would be:

RSA Key Pair Generation and Storage

For each agent created, the API generates an RSA key pair consisting of a public key and a private key. The key pair is generated using a modulus length of 4096 bits. The generated keys are stored in the MySQL database along with other agent information.

Key Generation Process

When a new agent is created, the API performs the following steps to generate the RSA key pair:

  1. Generates an RSA key pair using the crypto.generateKeyPairSync method with the following options:
    • Algorithm: RSA
    • Modulus Length: 4096 bits
    • Public Key Encoding: PKCS#1 format in PEM encoding
    • Private Key Encoding: PKCS#1 format in PEM encoding
  2. The generated public key and private key are converted to string representations.
  3. The public key string is stored in the pubKey field of the agent's record in the MySQL database.
  4. The private key string is stored in the privKey field of the agent's record in the MySQL database.

Example

When a new agent is created, the API generates an RSA key pair. Let's assume the key generation process produces the following keys:

The generated keys are then stored in the agent's record in the MySQL database.