I am really stuck at the payload to obtain the first shell. I know how to bypass restrictions, I know how to trigger the RCE with burp or from the web gui, but yet I cannot get any of the reverse shells I tried or ping myself. Any help would be appreciated.
Edit: I think I finally got it, it might be that if you create your own po***r instead of the default you need to have certain settings on it for it to be vulnerable.