Sqli

SQL injection in a login form — `' OR '1'='1` as username turns authentication into a formality and exposes the flag in one request.…

Anonymous FTP yields a ZIP cracked with john. The PHP login is SQL-injectable. pg_dump in a sudo rule lets vi escape to root — classic sudo abuse.…