Basic login page. When we submit the username as '' it returns the following error.
Uncaught mysqli_sql_exception: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ''''' at line 1 in /var/www/html/index.php:23
Stack trace:
#0 /var/www/html/index.php(23): mysqli->query('SELECT * FROM u...')
#1 {main}
thrown in <b>/var/www/html/index.php
Submit username and password as ' or '1'='1 and bypass the login panel.
Part 2: SQLi (DB Enumeration)
The admin panel says As you can probably tell, this page is currently under construction.
Checked the source, cookies, technologies etc but doesn't appear to be anything of use. Perhaps the flag is in the username/password and we need to return to the SQLi.