0. 1.2 Escaping and Hashing

   The server uses the following PHP code, which escapes the username and applies the MD5 hash function to the password.

   if (isset($_POST['username']) and isset($_POST['password'])) { $username = mysql_real_escape_string($_POST['username']); $password = md5($_POST['password'], true); $sql_s = "SELECT * FROM users WHERE username='$username' and pw='$password'"; $rs = mysql_query($sql_s);

   if (mysql_num_rows($rs) > 0) { echo "Login successful!";

    } else { echo "Incorrect username or password"; 

   } }

   This is more difficult than the previous two defenses. You will need to write a program to produce a working exploit. You can use any language you like, but we recommend Python 3.

The target is a basic login page that uses the code above to check if login is successful