r00ster

The app on my phone, is the standard Facebook app from the marketplace. My wife is the iphone user and I have little to do with it but it would be whatever came on that phone. Like you I don't use FB either and also noticed that once you signed in it stayed signed in. I figured the -k option in sslstrip would make it have to re-authenticate. Certainly have some more options to try and if all else failed like Mr-P suggested I could take the gung-ho approach and listen on all ports. Thanks guys

I had planned on learning to use wireshark in a few weeks but your idea sounds interesting enough for me to make time this week :) Thanks dude I will post my results when I'm done.

I understand the part about not running through wifi even while connected that way but i'll admit the other part goes a bit over my head. Is there any way to test that idea?

Ok like everyone else who is trying to learn i've got Backtrack and messed around, done some wifi cracking and now i've progressed to tinkering with MitM attacks on my network. I've been able to successfully capture email and other ssl logins using sslstrip, but when I connect my Droid or an Iphone to my network via wifi I can't get it to sniff the login info. This is when the devices use the facebook app and not using a browser. Do those apps send out data on another port than 80? I've been googling for what I thought would be basic information on them but I have yet to find out anything about what port those apps use or the encryption. I'm assuming SSL on the encryption. Can anyone tell me what the problem is or point me towards some proper research material?