FaceNiff is an Android application that lets users access web sessions profiles over Wi-Fi networks, easily hijacking into the connected Facebook, Twitter, YouTube, Amazon and other accounts.
FaceNiff is developed by Bartosz Ponurkiewicz who created the Firefox extension Firesheep, that lets users hijack Facebook and Twitter sessions over Wi-Fi networks. Unlike Firesheep, FaceNiff works on WPA-encrypted Wi-Fi networks also.
FaceNiff is an Android app that allows you to sniff and intercept web session profiles over the WiFi that your mobile is connected to. It is possible to hijack sessions only when WiFi is not using EAP, but it should work over any private networks (Open/WEP/WPA-PSK/WPA2-PSK)
Bartosz says on his website that the app is for educational purposes only, and urges users not to install it if it is illegal in their country.
To get started, you need to download and install FaceNiff from the official website here.
The application is limited and can only be used to hack 3 social profiles. Users can donate via PayPal for an unlocked version of the application. The app is confirmed to be working on the following devices.
- HTC Desire CM7
- Original Droid/Milestone CM7
- SE Xperia X10
- Samsung Galaxy S
- Nexus 1 CM7
- HTC HD2
- LG Swift 2X
- LG Optimus Black – original rom
- LG Optimus 3D – original rom
- Samsung Infuse
Here’s a video of FaceNiff in action