It is possible to hijack sessions only when WiFi is not using EAP, but it should work over any private networks (Open/WEP/WPA-PSK/WPA2-PSK)
It's kind of like Firesheep for android. Maybe a bit easier to use (and it works on WPA2!).
*** ROOTED PHONE *** is required. Please note that if webuser uses SSL this application won't work.
This application due to its nature is very phone-dependant so please let me know if it won't work for You