https://app.hackthebox.com/challenges/178

Description

Can you escape the query context and log in as admin at my super secure login page?

Exploitation

Just look at the page title. “SQLi”

' OR '1'='1

Summary

sanitize: exploit the SQL injection, extract the needed data, and reach the flag.