Nice writeup. Have you tried the code parameter there? Seems fishy because that might be vulnerable to command injection or something. Thanks for sharing this