Tags: web

Rating:

# Baiting

If we log in with the credentials from Entrypoint, we can see a list of users.

One of these is called "loginToGetFlag", so we'll try to log into this one.

We get a SQL error if we put a ' so we can try SQL Injection payloads.

loginToGetFlag' --