FaceNiff is an Android app that allows you to sniff and intercept web session profiles over the WiFi that your mobile is connected to.
It is possible to hijack sessions only when WiFi is not using EAP, but it should work over any private networks (Open/WEP/WPA-PSK/WPA2-PSK)
It’s kind of like Firesheep for android. Maybe a bit easier to use (and it works on WPA2!).
FaceNiff captures usernames and passwords of anyone using the open wireless network (that isn’t using HTTPS) and it exposes the profiles of the users connected to such open networks when they log into social network sites like Facebook, Twitter, etc. that employ cookies for user authentication.
So the morale of this is that you login using HTTPS, Google it if yo don’t know how to.
