Python3

Insecure deserialization - Python pickle


Exploit the insecure deserialization performed by the function pickle.loads() to achieve remote code execution (RCE) on the target system. Use the RCE to extract the flag, which is located in the system environment variables.

Be aware

~ The second hint gives the exploitation code to create serialized payloads that can execute system commands on the target
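For the defensive side of the same issue, the sketch below is an added example (not part of the challenge or its hints) that replaces a direct pickle.loads() call with an allow-listing unpickler built on the documented `Unpickler.find_class` hook. The names `ALLOWED_GLOBALS`, `safe_loads` and `try_load`, and the choice of `datetime.date` as the only permitted type, are assumptions made for illustration.

```python
import io
import json
import pickle
from datetime import date

# Assumption: the only non-primitive type this hypothetical service needs.
ALLOWED_GLOBALS = {("datetime", "date")}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that resolves only explicitly allow-listed globals."""

    def find_class(self, module, name):
        # Every GLOBAL / STACK_GLOBAL opcode is resolved through this hook,
        # so refusing here stops the stream before any callable is returned.
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"global {module}.{name} is not allowed")


def safe_loads(data: bytes):
    """Replacement for pickle.loads() when the bytes are untrusted."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def try_load(data: bytes):
    """Return (ok, value_or_reason) instead of raising on a refused global."""
    try:
        return True, safe_loads(data)
    except pickle.UnpicklingError as exc:
        return False, str(exc)


# Constructed sample inputs (benign; none of them runs a command).
PLAIN = pickle.dumps({"user": "alice", "roles": ["reader"]})
ALLOWED = pickle.dumps(date(2024, 1, 31))
# A bare reference to a builtin: harmless, but it needs a global lookup,
# which is the mechanism a hostile stream depends on.
NEEDS_GLOBAL = pickle.dumps(print)

if __name__ == "__main__":
    for label, blob in [("plain", PLAIN), ("allowed", ALLOWED),
                        ("global", NEEDS_GLOBAL)]:
        print(label, try_load(blob))
    # Data-only alternative: JSON has no way to name a callable at all.
    print(json.loads(json.dumps({"user": "alice", "roles": ["reader"]})))
```

An allow-list narrows what a stream can reach but stays only as safe as the types on it; where the data is plain structures, a data-only format such as JSON removes the problem class entirely.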

Hints

Solution
