Sniff and intercept web session profiles on Android

FaceNiff is an Android app that allows you to sniff and intercept web session profiles over the Wi-Fi that your mobile is connected to.

It is possible to hijack sessions only when Wi-Fi is not using EAP, but it should work over any private networks (Open/WEP/WPA-PSK/WPA2-PSK).

It’s kind of like Firesheep for Android and it works on WPA2.

A rooted phone is required and keep in mind that if the user uses SSL this application won’t work.

Supported services:

  • FaceBook
  • Twitter
  • Youtube
  • Amazon
  • Nasza-Klasa.

Here’s a video of FaceNiff for Android in action on LG Swift 2X:

Confirmed to work on:

  • HTC Desire CM7
  • Original Droid/Milestone CM7
  • SE Xperia X10
  • Samsung Galaxy S
  • Nexus 1 CM7
  • HTC HD2
  • LG Swift 2X
  • LG Optimus Black – original rom
  • LG Optimus 3D – original rom
  • Samsung Infuse.