Cheesy Does It (SQLi) writeup

Step 1: Don’t register!
Usually for these labs, we register. But by registering, sometimes we forget to cover the basics.

Step 2: SQLi
Let’s attempt SQLi to see if we can find an easy route to admin. Ensure you’re capturing traffic in an intercepting proxy (Burp, Caido, ZAP, etc.).

Step 3: We’re in!
Once you’ve submitted your payload, you’ll see the flag in the response body.

Thanks for reading!