Second-year MPhil student in the Department of Information Engineering in the Chinese University of Hong Kong. CTF, Maths enthusiast. A member of the Black Bauhinia (blackb6a) CTF team based in Hong Kong.
A simple demo of SQL injection. The SQL 'backend' is entirely client-side, courtesy of the wasm port of SQLite3. The syntax highlighting should help visualize which part of the query is treated as strings, code or comments.