##### Vulnerability Recap
The app builds a query like:
```sql
SELECT * FROM users WHERE username = '[input]' AND password = '[input]'
```
If we inject:
```sql
administrator'--
```
It becomes:
```sql
SELECT * FROM users WHERE username = 'administrator'--' AND password = '[ignored]'
```
- `'--` starts a SQL comment, ignoring the password check
- Only `username = 'administrator'` is evaluated
- Password doesn't matter
---
##### Step-by-Step (Browser Only)
1. **Open the lab** in your browser
2. Go to the **Login page**
3. In the **Username field**, enter:
```
administrator'--
```
4. In the **Password field**, enter **anything** (e.g., `test`)
> It won’t be used – the SQL comment disables it
5. Click **Log in**
---
##### Expected Result
- You’re logged in as `administrator`
- Lab automatically marks as **Solved**
---