HTB Academy - Command Injections

'Find the output of the following command using one of the techniques you learned in this section: find /usr/share/ | grep root | grep mysql | tail -n 1’’

Has anyone completed this recently?
I feel like I have the code needed for this, but I cannot get the answer correct.

I have written - find /usr/share/ | grep root | grep mysql | tail -n 1
replacing:
starting with %0a for newline
space = %09
| = <<<
reversed the forbidden words

I’m getting the result if I remove | tail -n 1 part, but the last answer filepath is not the answer they’re looking for.
I’m not sure if the code is capturing, or supposed to catch both of the greps as AND or OR, I feel like I get the same answer if I just grep ‘root’ or ‘mysql’ alone, is the code even correct here: find /usr/share/ | grep root | grep mysql | tail -n 1

Thanks for help in advance!

It has been awhile, but I recommend trying the encoding method they mention in that section. I think it translates better, trying to replace all the pipes didn’t seem to work at all for me.
-onthesauce

I even went as far as to copy the output of: find /usr/share/ | grep root → text file

then:

cat x.txt | grep mysql | tail -n 1
/usr/share/vim/vim81/syntax/mysql.vim

But it does not seem to be then correct one, I’m at loss here haha