from Episode114 - PaulDotCom Security Weekly

Wow, all kinds of fun stuff here. The first thing it does is setup a database, which is where all of our results will be stored. Next, it loads modules to put up a captive portal for the user and collect all user cookies. It does this in an ingenious way, it actually tells the browser to connect to a list of popular web sites (which can be modified, do a “show options” once metasploit loads after running evilap.sh to see where to edit the files). Once the browser connects to the web sites, metasploit logs all of the requests and cookies to the database.

I just finished testing this with my eee. Let me tell you, it is EVIL. Check it out, you wont be sorry.