Welcome to SQL Injection! In this challenge, you'll explore a vulnerable web application that suffers from SQL injection vulnerabilities in its user authentication system. The application processes user input without proper sanitization, allowing attackers to manipulate database queries and extract sensitive information.

• Understand SQL injection attack vectors and techniques
• Learn about blind SQL injection and time-based detection methods
• Practice database enumeration and data extraction techniques
• Develop skills in SQL query manipulation and exploitation

The challenge presents a corporate login portal that authenticates users against a SQLite backend database. You'll need to identify SQL injection points, enumerate the database structure, and extract hidden information to retrieve the flag. The vulnerability allows both boolean-based and time-based blind SQL injection attacks.

SQL injection vulnerabilities occur when user input is directly incorporated into SQL queries without proper sanitization or parameterization. This allows attackers to modify the structure of SQL queries, potentially accessing unauthorized data, bypassing authentication, or even executing arbitrary commands on the database server.