Tags: web 

Rating: 0

# S-Q-L

Keith keeps trying to keep his flag safe. This time, he used a database and some PHP.



This is a simple SQL injection challenge. The username is admin. The injection string is:

' or '1'='1

In essence, what an SQL injection does is it "breaks" a comparison, injects the boolean OR operator, and then creates a scenario which will always evaluate to true, in essence making the entire comparison evaluate to true.