The challenge seems to be broken. I found the flag online, where someone used sqlmap to take over the database. Anyway, I tried to repeat their steps with no success at all. I also tried to guess the query structure by searching the following:
' OR 1=1 --sql
1 OR 1=1sql
' UNION SELECT 1 /* ...up to 24 columns */ --sql
1 UNION SELECT 1 /* ...up to 24 columns */
Nothing's worked - same, disappointing response every time.