**Classic Attack Hint:** The login is vulnerable to SQL injection. Try to log in as `admin` without their password using a payload like `' || '1'=='1`.
**Time-Based Hint:** The app will have a significant delay if your `payload` evaluates to `true` for the target user. Use this to determine properties of their data, like the password length.
**Union-Based Hint:** Inject a payload like `' UNION SELECT * FROM users WHERE id=2` into the User ID field to retrieve hidden data. In this JS simulation, you can use `|| users.find(u => u.id === 2)` to get the data.
You are logged into your secure banking account.
Your Account Balance:
$
All registered user data: