Keith keeps trying to keep his flag safe. This time, he used a database and some PHP.
This is a simple SQL injection challenge. The username is admin. The injection string is:
' or '1'='1
In essence, what an SQL injection does is it "breaks" a comparison, injects the boolean OR operator, and then creates a scenario which will always evaluate to true, in essence making the entire comparison evaluate to true.