IT'S ALMOST THE EASIEST CHALL IN THIS COMPETITON !
THIS IS THE FIRST PART OF THE FLAG .
A loose comparison is one performed using two equals signs (==
).It follows suit with the “best-guess” approach, which can lead to some unexpected results.
TAKE A LOOK INTO THIS TABLE$row=@mysql_fetch_array(mysql_query("select * from admin_password where password='".md5($ps,true)."'"));OFCORSE WE DONT HAVE IDEA ABOUT PASSWORD , SO WE MUST FIND A WAY TO BYPASS THIS QUERY BY SQL INJECTION !