Can you please explain and show how you would complete the following 2 SQL Injection Attacks tasks (2.1 & 2.2) using the SEED lab seed Ubuntu 16.04 Virtual Machine:

Task 2.1: SQL Injection Attack from webpage. Your task is to log into the web application as the administrator from the login page, so you can see the information of all the employees. We assume that you do know the administrators account name which is admin, but you do not the password. You need to decide what to type in the Username and Password fields to succeed in the attack.

Task 2.2: SQL Injection Attack from command line. Your task is to repeat Task 2.1, but you need to do it without using the webpage. You can use command line tools, such as curl, which can send HTTP requests. One thing that is worth mentioning is that if you want to include multiple parameters in HTTP requests, you need to put the URL and the parameters between a pair of single quotes; otherwise, the special characters used to separate parameters (such as &) will be interpreted by the shell program, changing the meaning of the command. The following example shows how to send an HTTP GET request to our web application, with two parameters (username and Password) attached:

$ curl

SEED Labs SQL Injection Attack Lab 5

www.SeedLabSQLInjection.com/index.php?username=alice&Password=111

Please include screenshots as you go, thank you!

If you need to include special characters in the username or Password fields, you need to encode them properly, or they can change the meaning of your requests. If you want to include single quote in those fields, you should use %27 instead; if you want to include white space, you should use %20. In this task, you do need to handle HTTP encoding while sending requests using curl.