Parameter tampering is a form of Web-based attack in which certain parameters in the Uniform Resource Locator (URL) or Web page form field data entered by a user are changed without that user's authorization. This points the browser to a link, page or site other than the one the user intends (although it may look exactly the same to the casual observer).
Parameter tampering can be employed by criminals and identity thieves to surreptitiously obtain personal or business information about the user. Countermeasures specific to the prevention of parameter tampering involve the validation of all parameters to ensure that they conform to standards concerning minimum and maximum allowable length, allowable numeric range, allowable character sequences and patterns, whether or not the parameter is actually required to conduct the transaction in question, and whether or not null is allowed.
Here is a common URL in a web application.
A malicious user could modifies
account parameter trying to view another person's account details.
Tampering a hidden field parameter is another common attack.
<input type="hidden" id="product-1" name="cost" value="70.00">
Another malicious user could modify
value parameter in a e-commerce web page and take advantage of this attack.
The application should perform an access control check to ensure the user is authorized for the request object or service:
USERtables to check that the given account belongs to the user. In most cases, this requires a JOIN operation between multiple tables.
Always check user input before using it because evil input is the root of cause of this type of threat. There must be validation performed in server side, since client-side validation cannot guarantee evil input to be avoided.
Hdiv web information flow control system control all the data generated at server side ensuring the integrity of the data generated at serve side. In addition to that and optionally is possible to ensure the confidentiality of the data generated at server side avoiding the exposition of critical (such as credit cards, etc.). Hdiv guarantees integrity (no data modification) of all the data generated by the server which should not be modified by the client (links, hidden fields, combo values, radio buttons, etc.). Thanks to this property Hdiv helps to eliminate most of the vulnerabilities based on the parameter tampering.