But how to get admin note? You need a or boolean blind injection .
When you log in or search a parameter field, submit a regular single quote ( ' ). The application handles this safely because it gets converted internally to \' . sql+injection+challenge+5+security+shepherd+new
The key is to understand how to . The vulnerability arises because the double quote is not escaped. But how to get admin note
import requests
Alternatively, according to some community solutions Security StackExchange , an alternative payload that sometimes works is " or ""=" depending on the exact version and backend configuration. Alternative Scenarios: Forgotten Password sql+injection+challenge+5+security+shepherd+new