He Sent Me Minecraft Malware (Java Deobfuscation)
Key Takeaways
The video demonstrates Java deobfuscation techniques to analyze Minecraft malware, using tools such as JD-GUI, Sublime Text, and Java, and applies skills like llm_foundations, prompt_craft, and tool_use to reverse-engineer the malware and identify its functionality. The video also covers topics like encryption, code review, and vulnerability scanning, using tools like Blowfish, Chat GPT, and Sneak.
Full Transcript
so I received this email and it says hey John I came across a token or session stealer posing as a repository that I help contribute to I had some fun decompiling and deop skating the file and I figured you might as well they include the links to the actual project and the infected project and he includes the whole infected jar file it is Java a Java archive from the releases of the infected repository as a zip file as well as the main stealer itself as a separate zip file as it's located confusingly deep within the Java structure itself the file is a mod for Minecraft which in itself has obfuscated game code so there'll be some things symbols called like fieldcore 71412 D or whatever and they'll appear in the decompiled Java file however the mappings for that version of Minecraft I assume 1.8.9 can be both be found here and here they included that link we've got the password for the zip archive and this individual David hey big thanks David they've already reported both the GitHub project and the web host address the attacker but it should be a little bit of fun to Deus skate the code and find the juicy IP details of the attacker so let's dive in before we go straight into the code I will show you this repository apparently this mod is for Sky Hanny a Minecraft mod for Hypixel Sky Block uh now let me say I know absolutely nothing about modding Minecraft or Minecraft hacking or anything of that sort of nature but I do know maybe a little bit about malware and usually info stealer malware coming alongside of a video game is just all the time how people are infected so we could see the infected repository though David let us know hey that repository has been reported and now since taken down he also included the symbols here at least the links to these for I think Minecraft Forge or some of the things you could do to mod Minecraft and again I don't know any of these uh apparently it's just a list of good representation that the community has already analyzed and reverse engineered for Minecraft kind of cool kind of neat but I don't know if it's something that we'll particularly need while we dig through it they include another just as well but look let's just get to the code now I am inside of remu the reverse engineering maare Linux distribution and I'll go ahead and hit Control Alt t on my keyboard to open up a terminal I'll full screen that and zoom in a little bit and let me move into the directory that I created for this uh malware in the Minecraft mod now I have these two zip files that they were included in the email attachments ready to work here we have the infected jar. zip and the infected tweaks java. zip we could go ahead and use szip to extract these we'll just get the infected jar. zip the password included was 1 2 3 45 that will go ahead and Stage that out for us if we were to run file on that infected jar it thinks it's just a zip archive but it is a jar file they are often times one and the same really we can go ahead and extract the other infected tweaks Java and that again same exact password we'll go ahead and pull that down David had mentioned in his email that he pulled out the source code pertinent to the Steeler and the malare component but we could go track it down inside of the jar file itself so let me actually make sure that has a good file name or the file extension here we'll add a DOT jar at the end of it just in case I don't know things start to whine or it needs it because we'll use the utility JD goey now I believe this comes with remu you could probably track it down and find it on GitHub or some other resources online but if we open that up now we could go navigate to actually interacting with the infected jar. jar file I'll open this and this will decompile so to speak a lot of the code that was present in that Java archive now again this is supposed to be a Minecraft mod so it's filled with stuff that I don't know and don't understand but if we got to take a look around at some of these if you wanted to explore or dig into the syntax you certainly can they did note though at least in the file names this came with like a tweaks syntax so I'm curious this Dot env. lip that includes a tweak. class that looks a little bit sketchy if I were to actually expand this I'm not sure can I zoom in here will that actually make the text bigger yeah excellent here you can see everything needed to work with this package import things pertinent to Minecraft like net Minecraft Forge Minecraft Forge blah blah blah and then this public class tweaks is a little bit odd it has a static void for a function called LL that defines a variable I set to this big collection of strings that are all of these seemingly base 64 encoded strings and another entry included um odd peculiar seemingly hiding something but again Minecraft is usually obfuscated I appreciate David cluing Us in that hey this is in fact the malicious code if we want to hop back over to the terminal we can see that just as well I'm using Terminator by the way so I'll just use a Windows hotkey like Windows key and down you can configure that to actually open up another terminal but if I were to actually open up I'll use Sublime Text here the infected tweaks Java file that is setting the syntax to Java within Sublime Text this is the exact same file that we saw inside of JD Guy this is all the syntax just extracted and pulled out you can see putting these back to back uh JD goey has some trouble with decompiling some components of it but it's all the exact same code I'll work with this within Sublime Tex since we're really just kind of wanting to work with the syntax and the code itself we've really just used JD guey to decompile and get that code now scrolling through we see our LL function that's defining all of these odd entries in a big long list with base 64 encoded stuff presumably there's another function here just the letter i that is doing something or trying to with Dez the data encryption standard one encryption method in cryptography to be able to hey manipulate that data and at least hey have a key set to it I'm going to assume maybe all of these functions or variables things that are set here with the I function are using D or Dees with a key provided as another argument you can see that here if we actually try to search for that it's going to be used as the parameter argument and piece of actually decompiling desk excuse me decrypting with that crypto scheme there might be some others here but preinit is another function that's interesting that has a little bit more Minecraft components to it an event handler with initialization function I assuming that ends up with obfuscated variable names right obviously this all looks like nonsense but that actually makes an HTTP URL connection based off of one URL from our L array with the encrypted and encoded data up here H little bit interesting a little bit peculiar just as we noted in the email pretense hey this is just probably going to be an info stealer it's going to steal your maybe I don't know Discord credentials Minecraft information anything that might be able to pull out so what we might be able to do if we wanted to through all of this syntax we could and you'll note some of the fields or the Minecraft symbols that they reference could we unravel this could we see if we can decrypt those big long string values at the top and get a better idea as to what it's sending and where it's sending all that data to as it steals it and detonates that malware payload we can keep scrolling because there are more functions for us to examine here we're nowhere near the end of the code yet but at least getting close here's another function this L presence and that actually looks like it's using another argument and parameter with now just simple B 64 decoding that tries to get bites and convert it to a character array and spit it all together some way somehow okay then we have another for lii seemingly a trend with this obfuscation technique and that ends up using Blowfish as a crypto scheme here so we have Des we have Blowfish maybe some strings in the mix and another lii that is doing a lot of exor operations with random numbers and digits and probably manipulating something some way somehow so that's peculiar but look later down we are getting to the end now there is a subscribe event and I'm going to assume in the Minecraft modding realm this means that when a player first joins I don't know a server or another Minecraft world then it will fire off some of these functions based off of an event that's passed in uh trying to see if it could I don't know have some little small techniques to obuse gate or at least make some behavior that looks strange in different conditions as to whether or not a variable that's passed in was true or false or whatever just misdirection here really It ultimately ends up executing stuff based off of the functions so we could use all of this as good context to try and unravel all of those encrypted and encoded strings in fact we might be able to put together our own little Cryptor since we have the syntax here so I wonder if we could try that let me build out a Java class some Java source code try to compile it and then use the code even to unravel itself like I don't need to care about all these obfuscated names l i II whatever that is something we can just sort of zoom out an abstract away because we can smartly take the pieces that we might need to be able to extract all these so let's do it let's try to create a new file and we can call this like decryptor do Java it is a Java file here and let's import all the things maybe necessary for working with this maybe some of these we don't need but we do certainly need hey all the cipher and crypto operations here can I pull those down we don't need the Minecraft stuff because we just want to unravel the strings and the data here but let's try to put those in and let's remove the Minecraft chunk and then we can copy and paste the same sort of syntax that ends up building a class for us to work with we called ours decryptor so that it has to match given the name of the file that we chose with Java once we've created that we'll end up building out like a public static main function I think I forget how to do all that in Java I'm really not a Java guy by any means let me just do a super simple sanity check can I system out print Ln I think that's how you just do standard output in Java we'll do a dumb simp simple hello world with all that stuff imported and let's see if we can compile that and work with it back on the command line so let me use Java C to compile our decryptor do Java and let's see how wrong I was oh yep okay totally missed something we don't have orache Commons string Escape untils that's fine we probably don't even need it let's go ahead and remove that import and then get back to compiling this and it seems to work no errors there so let me run now that we have that in our current directory a decryptor do class file we'll just tell Java to go ahead and run our decryptor and that oh breaks it needs a capital M for main are you kidding me oh lower case I was wrong how about this will that work recompile it duh I'm stupid how about now oh you need the arguments too dude all right this video is off to a great start let's just use the exact same sort of uh declaration that they used and how about now I promise we'll get there for a stupid hello world in Java there we go okay now we can PEC meal some of the components from that payload the info stealer itself and let's see what we could build if we actually look back here we know that well ultimately there are some functions that will stage our LL and all the other things that we do to get this big long list of strings in fact it's all based off of this in L array so we should probably specify that just as well we'll include that and I can put these side by side just so you can see them in action let's move this over to the right side and then let's move our code over to the left now I'll add in that public static final int L have that declared for us and then this function up here private static void l l let's copy and steal and maybe manipulate just a little bit I want to go ahead and bring that here but I actually don't want to deal with this I variable because what I'd love to be able to do is just have these functions that would decrypt all of the crypto scheme string encoded encrypted data just spit it out onto the terminal like let me see what the value is because that's all I really care about not going to lie so what I'll do is remove this dumb I variable that's defined up here and I'll go ahead and select all of these lines in Sublime Text I am using Sublime Text as my editor of choice of course you might use whatever you prefer but with Sublime Text I can actually use the hotkey control shift L and that will make multiple cursors across multiple different lines so if I wanted to just chop out the first chunk here that sets this inside of that I variable again I don't need it but H you see a little bit of the white space is wrong here so let me use contrl shift in the arrow keys to move smartly between word boundaries with that I can select all the stuff prior to just running the function to decrypt them and clean it up with that we are looking good now we've got all of that defined and running inside of our LL function but what else is done in the actual payload of course we'll need these functions themselves like for DS or Blowfish or the others and we can collect these let's go ahead and bring them back into our little playground on the left hand side we'll just slap it in nice and easy we'll keep going back and forth but we don't need any of the Minecraft stuff to worry about cuz I'm not going to run this within Minecraft uh as much as I love the game I haven't played it in how however many years other than log 4J there's this pretty sweet video I was happy about the log 4J video let's get the other one the other encoding function L and that just does some string manipulation so let's copy that bring it into our capability here and let's keep cruising this is all we're doing it's super small super simple just abstracting out look all of those crazy variable names we're just going to ignore them but understand look these are the puzzle pieces that it all actually works with we can grab the very same for our Blowfish capability let me drag that in copy and paste and you might notice one thing down below that is actually building out probably the capability of this package we actually have some static stuff to find where it calls lii and LL now we know that LL just above is where we Define all of the encrypted strings and the data that we're really interested in so that happens second but something happens before it in which case our lii function now that we can see down below if we actually double click you'll see that's highlighted that's going to end up changing or setting some of the variables and the values inside of that Big L array where all of this was already staged to start with so part of me wonders look can we just take this make sure that's capable and worthwhile for us and then let's get that in our code you know what I'll bring that above actually just so we know that hey that's probably uh following the Declaration of all of our encrypted strings so now we have that staged and ready for us but what will be our main function as we want to actually execute this locally just as some script just as some program that will run to decrypt all the data not within Minecraft not as a package we basically want to still have the same functionality as that little static call here for lii and LL we're just putting them in place so that they're able to be called in the good placement we'll modify our little print line to decrypting Strings and then we'll call our LL and l i i whatever I'm saying way too many of these letters uh just out and about there we don't need to wrap that in static we can just call those functions and whites space is getting all weird because of the copy and paste but look it doesn't matter honestly now since the current EX ution of these functions i l Li I and all this crap doesn't actually do anything it just decrypts the data but doesn't use them in more of the payload right now all it does is return the value out and we're not storing that we're not we're literally just calling the functions I think we're okay to try and Sanity check ourselves and see will this even execute right now without any errors will it compile and work well for us so let's get back to our terminal and let's do that same process we compile it and okay already broken cannot assign a value to a final variable L um that's defined there on line 82 we can see so can I just get rid of that I'll let contrl G in Sublime Text to jump to that can I just remove that and maybe then it'll work and go away uh let me try that okay that error is gone I think well we had four errors to start with and now we're just down to three but now we're doing some other Oddball stuff incompatible types Cipher cannot be converted to a short well yeah cuz it's an object why that's weird why is that done to begin with um a short cannot be D referenced well yeah you're trying to do functions from a cipher object H I don't think that those should be defined as short I feel like those should just be a cipher type is that right let's try that out and see if we have less errors now Java see four errors okay no I made it worse now I'll be the first to admit this is where I would press the easy button and I would say chat GPT can you please tell me what I'm doing wrong because I don't know Java and I think this code should run considering we got it from malware and a payload that was seemingly already functioning but uh we're just getting the syntax wrong and we can't play with it the right way so let me just do that I'll copy and paste this in the air and see if it can standle check me and tell me what I'm doing wrong and maybe it'll even be able to deobfuscate or Unravel some of these variables even though they know we're just staging those crypto schemes but actually that might be a fine segue while we're chatting about artificial intelligence and our AI overlords using that especially for code review I'd love to tell you a little bit about the sponsor of today's video sneak I use sneak to scan for vulnerabilities in my software development projects and if you aren't familiar sneak scans your code dependencies containers and configurations in real time making it super easy to keep your applications secure you can use sneak for free forever with my link below and you can import your repositories and let sneak do the work for you to find and fix your vulnerabilities and there's some pretty cool and exciting news sneak has just released a collaboration with tryck me check out the new sneak code and sneak open- Source rooms to explore real world scenarios learn to identify and fix vulnerability and enhance your security skills get started with sneak today totally for free and try their new RS on try hacking all with the links Below in the video description jh. live sneak and jh. live [Music] sneak-up chat jiy I have this code paste that all in let me go back to get our error let me actually kind of get a clean slate we'll run that again just to make sure that I don't have any issues here yeah these are the three errors we were working with previously we can copy and paste this and let's see what chat gbd tells me but I keep getting these errors paste that in can you please fix this code and give me the syntax to properly create these decryption functions let's see how you do with that yep okay oh that should be a cipher as we were thinking short will not work for us so it actually is going to define a decrypt mode uh you could probably just use the constant rather than make another one there but that's fine now we have decrypt as I don't you don't need to change the function names guys and decrypt Blowfish void main will do all those things yeah I I appreciate the example usage I literally just wanted you to correct the functions but this should be fine we'll copy and paste this for our Blowfish capability we'll do the same for our exor and decrypt Dez and I think we're good that let's make those changes let me scroll down to our Blowfish copy here paste that syntax in oh we will need to deal with the arguments though because those have a different name now so encrypted text should be first right and then the key is what is following that so presumably that should work um let's just again validate will that give us ideally less errors try to run this uh more errors back in the code here we'll go ahead and make these changes and maybe we could just go back to what it was in case we get any other stupid errors for uh Blowfish but I think we're good fingers crossed we'll just change those arguments and now back to the command line can we compile oh gosh all right well the first one isn't bad that should just be cipher. decrypt mode or defining that variable like they did in chat jpts output but then 153 157 and 172 okay same thing whining so let's fix our Cipher decrypt mode same thing with our Cipher decrypt mode and what were those other errors again 148 149 53 and 57 where is that okay that's an L which would have been our xor decoder so we could probably clean that one just as well maybe I'm just getting ahead of myself let's see if just that inner functionality from chat GPT would be fine here and we'll change the variable names as usual for our secret key and encoded text do they actually include the key presuma yeah I think that's what it should have been called yeah all right so let's try this fingers crossed okay now it's just whining about our variable L did we get that wrong looking back at the original payload it just defines I it's declared here as it should be I think it was the L function yeah or lii that ends up just giving it uh its value and actually defining it I don't think we copied that line in our rendition uh no we did not okay so let's just uh slap that in just as well and wh space is going to get all weird and wacky but fingers crossed now we've got this it's a final variable and it won't like it so okay we'll get back to final gosh look at all that stupid back and forth error whack-a-mole but there we go okay at long last we've got that to run or at least compile and running it will do nothing because all it's doing is displaying our decrypted strings and then letting it happen but the functions to decrypt them don't print them out right now so we should actually go ahead and make those changes to make sure that it will display actually the whole string variable here so whenever it tries to return something new we can actually just print that out right rather than return we can actually set that to another another variable like output and then we should be able to system out print line that output variable right we will need to add our semicolon there and then return an empty string because this variable or function here does still require a string return type we did that for our desk function let's do it just as well for our kind of string xor here we can say string output equals let's output that with print line be sure to return an empty string because again we don't care we just want the output and we'll do that just as well for our Blowfish one string output equals that print line once more to display that output onto the screen screen and return an empty string now fingers crossed if I compile this no errors and now when we run it we see oh all of the decrypted strings this is looking pretty cool obviously look these are the components for what would be in the actual invoked payload our decrypting strings we can see a URL right here probably where it's going to end up posting to all of the data application Json with a heter type very likely and oh another check IP to Amazon neat some file not found strings that we saw we actually saw some like file operations in that major function right Discord not found and getting feather accounts getting Microsoft accounts user home lunar client Discord whoa is this a regular expression maybe okay but then finally down below you might very well be able to see okay I don't know what this pizza client in Cole Sky Block Mod is I I'll need some other Minecraft folks to fill me in on that one but the Json blob that gets sent actually gets the username unique identifier their token probably stolen from Discord or whatever of these the IP address of the victim feather account Essentials information lunter and Discord oh that's that's crazy cool it is a Steeler it's info stealer malware as a Minecraft mod that's Bonkers fake Minecraft mod right it's it's it's Rogue and infected now I got to be honest we don't need to drive too far much down the rabbit hole here if we really wanted to we could take a look at those strings side by side with where they would be in the original payload like if I go back to looking at just our infected tweaks move that to the side and then we get into the big function for preinit that will end up using the URL I l0 which we've just determined is that URL here https that thing dxx y on setting these properties like headers for the content type and application Json and everything that would fill in here if you really really wanted to we could do something stupid either in Java or like python keeping it easy to replace those and see that syntax uh but look rather than using some other online tools like I don't know Java Diop skater on GitHub I've always had trouble with that one personally I don't know if I'm just dumb well I I I do know that I am dumb but I can never get this one working the way that it should like I can go ahead and grab the dependencies I can set up the detect. yml file and have it work with that and use some Transformers but it never seemed to actually run them for me and I don't know which Transformers I want I just my smooth brain like run them all do it all for me um there is a graphic user interface one where you just check the box to be able to like do it but that had the dependency of Java FX and I didn't really want to deal with that I was troubling I was struggling with that because oh you got Java you want the JRE you want the jvm you want the jdk you want that for version 8 Version 9 10 11 18 I don't know drop was just super annoying and stupid you heard I'm sorry that's that's my hot take so we did it with that stupid hand Jam method where we were to zoom out of all the abstraction all the nonsense all the LL stupid rename variables and stuff to at least get a basic idea of it stealing some information using the info stealer M and posting that to all of those locations here like the command and control server if you really want to call it that with that location and taking a look at the data that it would steal username uu ID token feather Essentials that's still pretty crazy with all that said hey thank you so much David big shout out thanks so much for sharing this with me and especially thank you for doing the Good Samaritan stuff to report the GitHub project and the web host address of the attacker but kind of neat kind of cool uh this was a sweet project and a fun little dication thanks so much glad we got to make a new a video but seriously I say it all the time at least I've said it previously like hey send me malware just fire it up you can contact me links Below in the video description please give some love to our sponsors and do all those YouTube algorithm things like comment subscribe and I'll see you in the next video
Original Description
https://jh.live/snyk || Try Snyk for free and find vulnerabilities in your code and applications! ➡ https://jh.live/snyk
Learn Cybersecurity - Name Your Price Training with John Hammond: https://nameyourpricetraining.com
Learn Coding: https://jh.live/codecrafters
WATCH MORE:
Dark Web & Cybercrime Investigations: https://www.youtube.com/watch?v=_GD5mPN_URM&list=PL1H1sBF1VAKVmjZZr162aUNCt2Uy5ozAG&index=4
Malware & Hacker Tradecraft: https://www.youtube.com/watch?v=LKR8cdfKeGw&list=PL1H1sBF1VAKWMn_3QPddayIypbbITTGZv&index=5
📧JOIN MY NEWSLETTER ➡ https://jh.live/email
🙏SUPPORT THE CHANNEL ➡ https://jh.live/patreon
🤝 SPONSOR THE CHANNEL ➡ https://jh.live/sponsor
🌎FOLLOW ME EVERYWHERE ➡ https://jh.live/twitter ↔ https://jh.live/linkedin ↔ https://jh.live/discord ↔ https://jh.live/instagram ↔ https://jh.live/tiktok
💥 SEND ME MALWARE ➡ https://jh.live/malware
🔥YOUTUBE ALGORITHM ➡ Like, Comment, & Subscribe!
Watch on YouTube ↗
(saves to browser)
Sign in to unlock AI tutor explanation · ⚡30
Playlist
Uploads from John Hammond · John Hammond · 0 of 60
← Previous
Next →
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
Code Commentaries? PHP to JavaScript in Bash and PHP!
John Hammond
Tutorials? MySQL connection with PHP and Bash!
John Hammond
Variable Naming in Python! Happy Birthday, Linux! Nokia N900!
John Hammond
JavaScript Splits The URL!
John Hammond
HTML Tables in Python!
John Hammond
HTML, Net Shares, GML!
John Hammond
Python 08 Programming Style and Comments
John Hammond
Python 26 Object Oriented Programming
John Hammond
75 Python Tutorials, Out Now!
John Hammond
Batch 14 Mathematical Expressions
John Hammond
Batch 85 Array Append
John Hammond
Batch 86 Array Count
John Hammond
Batch 87 Array Index
John Hammond
Batch 88 Array Insert
John Hammond
Batch 89 Array Remove
John Hammond
Batch 90 Array Reverse
John Hammond
Python [colorama] 00 Installing on Linux
John Hammond
Python [colorama] 09 Cursor Position
John Hammond
Python [hashlib] 02 Algorithms
John Hammond
Python 00 Installing IDLE on Linux
John Hammond
Python [pygame] 11 Rectangular Collision Detection
John Hammond
Python [pygame] 12 Platforming Rectangular Collision Resolution
John Hammond
Python [XML-RPC] 01 Research
John Hammond
Python [pyenchant] 03 Personal Word Lists
John Hammond
FancyURLopener Authentication and User-Agent [urllib] 03
John Hammond
Python 04: PEP8 Coding
John Hammond
Python Challenge! 17 COOKIES
John Hammond
Google CTF 2016: Ernst Echidna
John Hammond
Google CTF 2016: Spotted Quoll
John Hammond
Google CTF 2016: Can you Repo It?
John Hammond
Google CTF 2016: No Big Deal
John Hammond
Google CTF 2016: In Recorded Conversation
John Hammond
Homemade CTF Challenge: 01 "Orchestra"
John Hammond
Homemade CTF Challenge: 02 "Bae's Base"
John Hammond
Homemade CTF Challenge: 03 "Web Hunt"
John Hammond
Homemade CTF Challenge: 04 "UPX"
John Hammond
Homemade CTF Challenge: 05 "The Assumption Song"
John Hammond
Homemade CTF Challenge: 06 "A Brisk Stroll"
John Hammond
Homemade CTF Challenge: 06 "I lost my password!"
John Hammond
web25 :: Mr. Robot : EKOPARTY CTF 2016
John Hammond
web50 : RFC 7230 :: EKOPARTY CTF 2016
John Hammond
misc50 : Hidden inside EKO :: EKOPARTY CTF 2016
John Hammond
Hack The Vote 2016 CTF: Sander's Fan Club [web100]
John Hammond
Hack The Vote 2016 CTF Warpspeed [forensics150]
John Hammond
Juniors CTF 2016 :: Black Suprematic Square
John Hammond
Juniors CTF 2016 :: Six Strange Tales
John Hammond
Juniors CTF 2016 :: Lost Code
John Hammond
Juniors CTF 2016 :: Here Goes!
John Hammond
Juniors CTF 2016 :: Southern Cross
John Hammond
Juniors CTF 2016 :: Clone Attack
John Hammond
Juniors CTF 2016 :: Dirty Repo
John Hammond
Juniors CTF 2016 :: Hackers Blog
John Hammond
Juniors CTF 2016 :: Voting!!!
John Hammond
Juniors CTF 2016 :: The Good, The Bad and The Junkman
John Hammond
Juniors CTF 2016 :: Stop Thief!
John Hammond
Juniors CTF 2016 :: ROFL
John Hammond
Juniors CTF 2016 :: Restriced Area
John Hammond
Juniors CTF 2016 :: Oh SSH!
John Hammond
HackCon CTF 2017 TRIVIA and BONUS Challenges
John Hammond
HackCon CTF 2017 "Bacche" Challenges
John Hammond
More on: Tool Use & Function Calling
View skill →
🎓
Tutor Explanation
DeepCamp AI