iJack
About:
This is the iJack project ("ijack") This project was registered on SourceForge.net on Sep 10, 2009 by Melchi Salins.
This is a proof of concept program to show that deployment of services that use weak two factor authentication system are vulnerable to theft of services.Here theft of internet services is shown where no prior knowledge of the Username or Password is required and by just spoofing the second factor or the authentication i.e MAC of the network interface card and attacker can take over an already established connection, this program further extends its functionality and block the communication of the victims machine with the gateway so that he doesn't log out of the service,this lets us continue to access the Internet service with out any interruption.
Tested against SifyBB and 24online login client and several web based login system.
Download
iJack in Action:
Internet Session Hijacking from melchi on Vimeo.