Data Tampering

Description

Data Tampering occurs when an attacker is able to manipulate or alter data within a system—either in transit or at rest—without proper detection or authorization. This can compromise the integrity, accuracy, or consistency of critical information, leading to unauthorized changes in user privileges, pricing, transaction values, or system behavior.

Tampering attacks often target insecure APIs, client-side controls, hidden fields, or poorly validated server-side logic. If the system fails to implement strong input validation, integrity checks, or authorization controls, attackers may alter data values to gain an advantage, escalate privileges, or disrupt operations.

Common vectors include modifying parameters in HTTP requests, altering cookies or session data, injecting payloads in database queries, or manipulating client-side JavaScript to bypass restrictions.

Examples

Insecure Hidden Fields or Parameters

<input type="hidden" name="price" value="9.99">

An attacker using tools like Burp Suite or a browser developer console can change the price to 0.01 before submitting the request:

POST /checkout
price=0.01&product_id=123

If the backend does not revalidate the price, the attacker purchases the item at a manipulated cost.

Tampering with Cookies or Session Data

If session or authentication data is stored in client-side cookies without integrity protection (e.g., signed or encrypted), an attacker may alter it:

Cookie: role=user

Changing it to:

Cookie: role=admin

may grant unauthorized administrative access if the server trusts the cookie blindly.

Manipulating JSON or API Payloads

APIs that accept JSON requests are vulnerable if they don't validate sensitive fields on the server side:

{
  "user_id": 1001,
  "amount": 100.00
}

An attacker intercepting this request may alter user_id to transfer funds from another account:

{
  "user_id": 1002,
  "amount": 0.01
}

Lack of Server-Side Validation

If critical data (e.g., permissions, pricing, discounts) is validated only on the client-side, attackers can bypass controls by modifying JavaScript or using proxy tools to submit altered values directly.

Remediation

  1. Implement Strong Server-Side Validation

    • Never trust data from the client. All user input, parameters, and payloads must be validated and sanitized server-side.
    • Enforce strict schemas for API requests using tools like JSON Schema validation.

  2. Use Integrity Checks

    • Protect sensitive data in cookies or client storage using digital signatures (e.g., HMAC) or encryption.
    • Verify that values like prices or user roles cannot be manipulated outside the server.

  3. Avoid Relying on Hidden Fields or Client Logic

    • Do not expose critical variables (like pricing, roles, or privileges) in the frontend.
    • Recalculate and verify values such as discounts or totals on the server.

  4. Secure Communications

    • Use HTTPS to protect data in transit and prevent interception and manipulation via man-in-the-middle attacks.

  5. Implement Logging and Monitoring

    • Log all critical transactions and changes to detect tampering attempts.
    • Use anomaly detection to flag suspicious activity (e.g., frequent role changes, unauthorized transfers).

  6. Use Role-Based Access Controls (RBAC)

    • Ensure users can only perform actions and access data appropriate for their role.
    • Enforce authorization checks on every request, not just at login.

  7. Employ Hashing or Checksums for Critical Data

    • Use cryptographic hashing to ensure that data (e.g., files, records) has not been altered.
    • Verify hashes before processing sensitive inputs.