Once you have broken out of the literal string using the \\' trick, you can append standard malicious SQL logic to manipulate the query. : \' OR 1=1; --
Before we inject our first payload, it is crucial to understand the environment. Security Shepherd is a deliberately vulnerable web application that teaches secure coding and penetration testing. The "Shepherd" metaphor is apt: it guides you through the pitfalls, but you must find the wolves yourself. Sql Injection Challenge 5 Security Shepherd
admin' //