From Bartender to Malware Developer: How I Jailbroke Language Models to Teach Me Cyber Mischief

By Ayla Croft

Introduction

Hey, I’m Ayla Croft — former bartender, current AI manipulator, and aspiring red-team aficionado. In January 2023, I traded happy hour for hacking, quitting my bartending job with zero formal training, a high school diploma I never collected, and a mind full of questions about code, AI, and cybersecurity. I’d always been fascinated by hacking and malware, but it wasn’t until I got my hands on ChatGPT that I saw a real way forward. From web app development, I stumbled into jailbreaking language models (LLMs) to help me write some “educational” malware, picking up the fundamentals of programming and operating systems along the way.

Below, I’ll share the journey of turning LLMs into my reluctant code coaches. With a bit of “grooming” and gaslighting, I managed to get LLMs to help me create rootkits, ransomware, and more — all the while gaining a toolkit of cyber skills that would’ve taken years of traditional education to learn.

Step One: Jailbreaking LLMs

LLMs don’t just hand over malware code; they’re hard-wired with ethical restraints to prevent exactly that. So I needed a system. I call it “LLM grooming,” where I tweak the system prompt to set the AI up as an expert red team instructor, ready to coach me on advanced hacking techniques “for an exam.” With a dash of urgency, a sprinkle of gaslighting, and some fictional scenarios (think: “my professor’s watching!”), I found that ChatGPT would spill just enough to start piecing together actual malware.

But let’s dive into what I actually learned to code using LLMs, from the straightforward to the complex. Here’s a breakdown of my malware portfolio.

The Malware Projects: Building My Arsenal

1. The Polymorphic Obfuscated PowerShell Reverse Shell

Let’s start with a classic: a reverse shell in PowerShell. My goal was to create a polymorphic, obfuscated script that would open a connection to a remote server and provide a foothold back into the target system. This script taught me the basics of obfuscation (which, unfortunately, we can’t reveal here in full, but think encoded strings and disguised function calls). Obfuscation techniques quickly became essential in creating malware that dodges detection, as hiding function calls makes static analysis trickier for basic security tools.

In this case, the obfuscation process boiled down to encoding the payload into Base64, making it easy to encode, decode, and execute without tipping off antivirus software. The script takes an IP and port, encoded in Base64 for stealth, and opens a TCP connection to the target. Trust me, it’s as sneaky as it sounds.

2. Ducking Around with Duckyscript for USB Payloads

Duckyscript might sound cute, but it’s far from harmless. Duckyscript lets you craft payloads for a USB Rubber Ducky — think of it as a tool for instant, automated attacks on physical access. One of my scripts disables task manager, control panel, and even Windows Defender on a target machine, leaving it open to more attacks.

This was one of my “eureka” moments in malware development, realizing that you don’t even need network access to mess with a system’s defenses. Instead, Duckyscript automates Windows security manipulation, creating a “headless” setup where standard controls like Task Manager, Defender, and even Ctrl+Alt+Delete become inaccessible. The best part? LLMs gave me feedback on optimizing the commands, reinforcing which registry settings control what.

3. SQL Injection Payloads: The Subtle Data Thieves

Not all malware is about shell access and disabling defenses; some attacks aim to exploit existing databases. SQL injection, as I discovered, is an art form in its own right. With LLM guidance, I crafted a set of SQL payloads that poke at weak database queries to steal information like schema names and user details. Each payload manipulates SQL queries to return information that should otherwise stay hidden. SQL injection taught me the subtleties of database manipulation, schema layouts, and injection vulnerabilities. This journey from a = a to UNION queries opened my eyes to the delicate balance between application functionality and data security.

4. Ransomware in C: Encryption with a (Very) Dark Side

The idea of ransomware is dark, but learning to code it in C was an eye-opener for understanding cryptographic libraries, the OS layer, and file manipulation. Ransomware isn’t just “encrypt everything and leave a note”; it involves knowing which processes to access, how to encrypt them without triggering alarms, and how to manage memory effectively.

This code encrypts a file using XOR, a simple approach that introduces the basics of ransomware logic. My first attempts were rudimentary, but by refining with LLM feedback, I developed more complex routines that encrypted directory trees, showing me how to scale code for larger attacks. And while I’ll admit XOR isn’t exactly “NSA-level,” the process was a hands-on introduction to real cryptographic methods and malware persistence.

5. Rootkits: Mastering System-Level Manipulation with C

Rootkits became one of my favorite projects because they forced me to understand system calls, privilege escalation, and kernel-level manipulation. With LLM assistance, I managed to develop a C-based rootkit that hides processes by modifying the system’s process list, making it practically invisible.

This snippet operates within the kernel, hiding specific processes by removing them from the process list. Rootkits taught me that true stealth in malware goes beyond obfuscation; it’s about understanding the target OS down to its inner workings. For example, when Linux's process structures get manipulated, the OS won’t display the process in monitoring tools. It’s the ultimate hide-and-seek, malware-style.

6. Sandworm Exploits with Bash and Python

Then there’s “Sandworm,” a project inspired by high-profile APT tactics, specifically aiming at multi-vector payloads. My LLM-powered approach used Bash and Python to execute layered attacks across both local and remote systems. Sandworm highlighted Bash's role in local persistence while Python handled the network aspects, such as opening sockets and communicating with the C2 (command and control) server.

This looped connection attempt uses Bash to initiate a reconnection every few seconds, ensuring that if it’s cut off, the connection resumes. It’s stealthy in its persistence, a hallmark of modern multi-vector attacks. Bash’s simplicity married to Python’s flexibility was a killer combo, showing me how scripting languages can go beyond simple automation and into the realm of coordinated attacks.

Lessons Beyond the Code: Systems, Security, and (Somehow) More Social Engineering

Jailbreaking LLMs to produce this code didn’t just teach me syntax; it taught me how malware evolves with every new technique and defense. Here’s what I learned:

• Obfuscation: LLMs taught me how encoding, polymorphism, and basic encryption (like Base64) help dodge static analysis and antivirus.
• Privilege Escalation: By writing rootkits, I realized the importance of privilege escalation and system-level access to bypass security layers.
• Persistence Techniques: Duckyscript and Bash demonstrated how malware can survive across reboots and system scans, creating a durable threat.
• Social Engineering: Convincing an LLM to hand over code was as much about psychology as it was about tech. My natural social engineering skills translated perfectly to manipulating LLM prompts and scenarios.

The Endgame: Red Team Dreams and DEF CON Aspirations

In under two years, I went from “Can I make this cocktail a little stronger?” to “Can I make this rootkit a little stealthier?” My goal? To join a red team, share this story at DEF CON, and show others how with curiosity and AI, anyone can dive head-first into cybersecurity.

So, here’s to pushing boundaries — responsibly, of course — and building a safer, more aware digital world. Cheers!