Untitled

a guest
May 25th, 2019
Hi.

I have to pen test the Altoro Mutual site (https://demo.testfire.net) for a project. The site uses Derby DB.

I have discovered that its login page is vulnerable to blind boolean SQLi.

I have discovered that there is a table called accounts under the schema name APP (i.e. APP.accounts).

I typed in

Username: admin' and (select count(user) from app.accounts where user like '%a%')>0--
Password: anything

This tests whether there is a user that contains the letter 'a'. If the test succeeds, the Altoro Mutual site logs in. Otherwise it says "Login Failed: We're sorry, but this username or password was not found in our system. Please try again."

I've tried the same test but this time iterated from a-zA-Z. But it never succeeds in logging in, which tells me that maybe the username is not in the English alphabet. But this is unlikely.

So my problem is I don't know why the LIKE operator doesn't return the result that is expected.

I also tried

Username: admin' and (select count(user) from app.accounts where user not like '%a%')>0--
Password: anything

And this time every iteration of a-zA-Z logs in. So this result also tells me the username does not contain a letter.

Lastly, this one works (it logs in):

Username: admin' and (select count(user) from app.accounts where user like '%')>0--
Password: anything

Can you help me understand why the LIKE operator fails when user LIKE '%a%' and so on?

THX
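The login behaviour the paste describes, shown as an added example that is not part of the paste and is not code from the Altoro Mutual application: a login routine that splices the username into the SQL by string concatenation (the pattern that makes a boolean condition in the username decide the outcome) next to the parameterized version that treats the same text as a literal value. Everything below is assumed: sqlite3 stands in for Derby so the example runs offline, the `accounts` table is created under an attached schema named `app` so the paste's own `app.accounts` reference works verbatim, the column layout and seed rows are constructed, and the function names are mine.

```python
import sqlite3

# Payload copied from the paste (the '%a%' variant) and a constructed
# non-matching variant. The trailing "--" comments out the password check
# when the text is concatenated into the query.
PAYLOAD_FROM_PASTE = (
    "admin' and (select count(user) from app.accounts "
    "where user like '%a%')>0--"
)
PAYLOAD_NO_MATCH = (
    "admin' and (select count(user) from app.accounts "
    "where user like '%zq%')>0--"
)

# Constructed seed data: usernames and passwords are made up for the example.
# Passwords are kept in clear text only to keep the example short.
SEED_ACCOUNTS = [("admin", "constructed-pw-1"), ("jsmith", "constructed-pw-2")]


def open_db():
    """Create an in-memory sqlite3 stand-in for Derby's APP.accounts table.

    Note: sqlite3's default LIKE ignores ASCII case, whereas Derby's does not,
    so nothing this stand-in does says anything about how Derby evaluates the
    LIKE patterns in the paste.
    """
    conn = sqlite3.connect(":memory:")
    conn.execute("ATTACH DATABASE ':memory:' AS app")
    conn.execute(
        "CREATE TABLE app.accounts (user TEXT PRIMARY KEY, password TEXT NOT NULL)"
    )
    conn.executemany("INSERT INTO app.accounts VALUES (?, ?)", SEED_ACCOUNTS)
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    """String concatenation: whatever was typed becomes part of the SQL, so a
    true/false condition inside the username decides whether a row comes back.
    This is the defect, kept here only so the two versions can be compared."""
    sql = (
        "SELECT user FROM app.accounts WHERE user = '" + username
        + "' AND password = '" + password + "'"
    )
    return conn.execute(sql).fetchone() is not None


def login_fixed(conn, username, password):
    """Parameterized query: the same text is bound as a literal value, so the
    lookup is for an account whose name is the entire payload string."""
    sql = "SELECT user FROM app.accounts WHERE user = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone() is not None


def demo():
    """Run both routines against the same inputs and return the outcomes."""
    conn = open_db()
    return {
        # condition in the payload is true -> concatenated query returns a row
        "vulnerable_true_condition": login_vulnerable(conn, PAYLOAD_FROM_PASTE, "anything"),
        # condition is false -> no row, the "Login Failed" branch
        "vulnerable_false_condition": login_vulnerable(conn, PAYLOAD_NO_MATCH, "anything"),
        # bound as a value, the payload matches no account at all
        "fixed_payload": login_fixed(conn, PAYLOAD_FROM_PASTE, "anything"),
        # ordinary credentials still work through the fixed routine
        "fixed_real_credentials": login_fixed(conn, "admin", "constructed-pw-1"),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The concatenated routine reproduces exactly the oracle the paste relies on: the response differs depending on whether the subquery's condition holds. The parameterized routine removes that oracle because the bound value is compared as one opaque string, which is the fix a reviewer would ask for in the application code rather than any filtering of the input.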