Forgot way too often how to tamper with sqlmap.
For this one below, the goal here is to simply pass a second parameter h that is a hash to verify the payload is indeed sent by a friendly agent knowing the key, or knowing the hash corresponding to the page.
Comments