It is possible to hijack sessions only when Wi-Fi is not using EAP, but it should work over any private networks (Open/WEP/WPA-PSK/WPA2-PSK).
It's kind of like Firesheep for Android and it works on WPA2.
A rooted phone is required and keep in mind that if the user uses SSL this application won't work.
Confirmed to work on:
- HTC Desire CM7
- Original Droid/Milestone CM7
- SE Xperia X10
- Samsung Galaxy S
- Nexus 1 CM7
- HTC HD2
- LG Swift 2X
- LG Optimus Black - original rom
- LG Optimus 3D - original rom
- Samsung Infuse.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.