You must perform the simplest of SQL injection attacks.
Your objective is to get the query to return all usernames instead of just one.
PARAMETERS:
Query Type - SELECT query
Injection Type - String value in WHERE clause
Method - GET
Sanitization - None
Output - All results, verbose error messages, query shown