What is Parameter Tampering and Temptation Attack in Penetration Testing & Cybersecurity?
Table of Contents
- Understanding Parameter Temptation and Tampering
- Testing Advance Parameter Temptation
- Test your knowledge with a quick quiz!
Understanding Parameter Temptation and Tampering
Parameter temptation is a process where the parameters found during pentesting are tampered with or modified to change the output.
Sometimes, the hackers manipulate the URL parameters to find the details or data that was supposed to remain unavailable to end-users. The risks of the parameter temptation depend on which parameters are being tampered with.
The aim of doing parameter temptation can be to access the files above the web root, find database information and run arbitrary OS commands.
For example, attackers try parameter temptation of eCommerce sites to change the pricing of the product being ordered.
Testing Advance Parameter Temptation
Testing Advance Parameter Temptation
Test your knowledge with a quick quiz!
The process of changing the value of the parameter for manipulating output is called?
Select the correct answer