Bypassing Other Blacklisted Characters

Anyone could help me? I am stucked at Bypassing Other Blacklisted Characters of command injection.

I tryied a lot of combinations to bypass the input validation using Environment Variables. But none of them brings me the return of the commands, for example: ${SESSION_MANAGER:0:1}${SHELL:7:1}${PATH:0:5}. I tryed that on my terminal, and it works on my local machine.

I need to know how to get the return of this commands on burp sweet, seens they are bypassing the filter once ping returns.

I already tryied other things that are presented on de module like {ls, -la} or \n %0a , again ping runs, but no return of the command execution

Hello. It is not mandatory that your env on local machine is the same with AIM’s one. Hint: look into aim’s env and then play simpler