Dr. Hrabowski's Great Adventure

SQL Injection


President Freeman Hrabowski is having a relaxing evening in Downtown Baltimore. But he forgot his password to give all UMBC students an A in all their classes this semester! Find a way to log in and help him out.


(If you get an SSL error, try a different browser)

Author: Clearedge


To bypass authentication, the basic payload username=admin&password=' or 1=1;# works.

The flag is in the image's name attribute.

Last updated