Try to bypass authentication using SQL injection!

Find the flag user in the database.