Welcome to PunchStarter, your own crowdfunding service!
Create a new project with a fixed goal and a cool title.
In this challenge your goal is to read the flag from
flag(flag) using an SQL injection.
Good luck :)
Both inputs seem to be well filtered; however, the goal variable is used in a dangerous way.
Can you find what the mistake is?
What happens if you put a negative value as a goal?
Now you need to fix the original request, and use a subquery to extract the flag.
Use a negative goal to comment out the end of the query.
Then use a multiline string to "fix" the request while stealing the flag; don't forget to comment out the trailing quote.
This will be commented
(SELECT flag from flag )) --
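
Why a numeric check on the goal is not enough, shown next to the bound-parameter form. This is an added example, not the challenge's own code: the table, the query shape (goal concatenated after a minus sign) and the function names are assumptions, since the real query is not shown on the page.

```python
import sqlite3

def make_db():
    # Constructed in-memory table standing in for the project store (assumption).
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE project (balance INTEGER, title TEXT)")
    return db

def build_concat_sql(title, goal):
    """Hypothetical vulnerable builder: both inputs are 'filtered', then concatenated."""
    int(goal)                           # numeric filter: rejects "abc", accepts "-5"
    quoted = title.replace("'", "''")   # quote escaping on the string input
    # The minus sign in the template plus the sign of a negative goal forms "--",
    # which SQL treats as the start of a comment running to the end of the line.
    return f"INSERT INTO project (balance, title) VALUES (0-{goal}, '{quoted}')"

def insert_concat(db, title, goal):
    """Run the concatenated statement; return False if the database rejects it."""
    try:
        db.execute(build_concat_sql(title, goal))
        return True
    except sqlite3.Error:
        return False

def insert_bound(db, title, goal):
    """Hardened form: values travel as bound parameters, never as SQL text."""
    # A range check (goal > 0) would be business validation on top of this;
    # binding alone already keeps the value out of the statement's syntax.
    db.execute("INSERT INTO project (balance, title) VALUES (0 - ?, ?)",
               (int(goal), title))

if __name__ == "__main__":
    db = make_db()
    print(build_concat_sql("demo", "-5"))          # statement text after concatenation
    print("positive goal accepted:", insert_concat(db, "ok", "10"))
    print("negative goal accepted:", insert_concat(db, "demo", "-5"))
    insert_bound(db, "demo", "-5")
    print(db.execute("SELECT balance, title FROM project").fetchall())
```

With the concatenated form the statement's structure depends on the sign of the number; with bound parameters the same input is stored as plain data.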