Help

hi, anybody can help me this:

  • 2 Use what you learned in this section find the content of flag.txt in the home folder of the user you previously found.

it’s part of command injection , 1. Bypassing Blacklisted Commands
i try : ip=127.0.0.1%0a+c$@at+${HOME:0:1}home…flag.txt but isnt’ work