Loading page
Review the challenge brief, files, and requirements.
The admin login form builds its authentication query unsafely and returns a flag only to an administrator session. Break the login check with SQL injection, impersonate admin, and recover the flag.
Sign in to attempt this challenge.
This challenge is played in the labs environment.
Open Labs