HackTheBox The Cartographer WalkThrough

Some underground hackers are developing a new command and control server. Can you break in and see what they are up to?
​
Now please note that every time you start the instance to attempt to CTF it gives you a new port and probably will give a different flag as well. In the spirit of Hack The Box, please do not read this until you have attempted the challenge, thanks!

After accessing the IP address provided by Hack The Box, the first thing I decided to do was send an SQL injection attack on the username and password login. The injection was: 'or'1'='1

This brought me to this screen, to which I noticed the URL change. I decided to test and see if this URL was vulnerable to injections as well and thankfully it is!

From here, I decided to type in flag for the info=' ', in the hopes that I would get lucky.

And low and behold I got lucky! The flag is HTB{Map_Th3_Pl4n3t}, congratulations!