Command Injections - Bypassing Other Blacklisted Characters

Hello everyone, Can anyone help me with this one?
I stuck on this academy section - Login : HTB Academy.

I used multiple scenarios but no luck:

127.0.0.1%0a{IFS}{ls,-la}${IFS}${PATH:0:1}Home
127.0.0.1%0a{IFS}{ls,-la}${IFS}${HOME:0:5}
127.0.0.1 ${LS_COLORS:10:1}${IFS}${PATH:0:1}home

I am not getting invalid input in the responses for the above, but no luck finding the username so i believe to be in the right path of solving it.
Can anyone give me a tip to continue?
thank you in advance

Go step by step.
First, find a payload that gives you something in return. Example just ls
If that works, extend your payload. Example ls /

If you found a payload which works here, extend your payload further.

1 Like

Could someone give a hint for this that is not this level of cryptic as the previous hints.