注意细节

' OR 1=1 # //CTFlearn{th4t_is_why_you_n33d_to_sanitiz3_inputs}

super simple great way to show real-world example of SQL injection

It does not work. where is the admin to access me launch the lab?!

Hello, I know it's been a few weeks and you probably figured it out, but a little hint is to view the source page, it should reveal a few names to try on the challenge :D

I can't launch the lab. it shows me this message <Unable to launch challenge. Contact an admin>

This will work ' or '1' = '1

spoiler alert

I would also want to know why ' OR 1 = 1; -- statement does not work, but ' OR '1' = '1 is working. This ' OR '1' = '1 is mentioned in The Lab. I think reading Wikipedia SQL injection will help me to understand it. Also I like that comments supports markdown :)

You forgot to include the semicolon - it should read: ' OR 1 = 1; --. Also, keep in mind that in MySQL, comments must include a space after the double dash. See the "Comments" section in: https://portswigger.net/web-security/sql-injection/cheat-sheet

i couldn't solve it because im clueless in web, but i know Luke made that problem

Almost there :)

You're not "almost there" how is one supposed to have a single clue on how to "sanitize" it?

Sounds like you got the flag, you just need to submit it!

he was trolling you

can we share how we solve it or will it count as a spoiler. Or give hint to the user that have problem solving it.

did you get it

How is this easy? I literally have no clue what to do i looked up SQL injection and I have no clue where I'm supposed to put the true statement this makes no sense

Hey Carter. We will soon have better ways for people to learn on this site, hang in there!

SQL Injection Lab

for me i got "unable to lunch lab"

Years later, I'm also not able to launch the lab.

I'm going to touch you. Let me open the damn lab

If read the through the dog examples in the suggested reading it mentions in the instructions, it shows the exact thing you need to do. Check it out. It was incredibly helpful.