Steal Gmail Cookie:Cookie Stealing Part 2


 

In last part i have explained the basics of cookie stealing, and happy to know that many of you are really excited to get the second part…thanks to all for their precious comments 🙂

In this part i will explain cookie stealing in some more detail. But before explaining tough part of cookie stealing, for the ease of beginner, i am explaining only a simple way of ‘cookie stealing and inserting’ when the attacker has physical access to victim’s system.
Practically you rarely can get a chance to hack using this method, but i need to explain this way also so that  beginners can get some more knowledge before going for hard part 😉

Before going further, i recommend you to read this article, in order to get good grasp of the topic:

How cookie Stealing Hack Works : Basic about Session Hijacking

For explaining the things here, i am taking example of gmail.com, How one can steal gmail cookie, and how to hack gmail account using that stolen cookie.


About Gmail Cookie:


Gmail usually stores its session authentication information in cookie named “GX”. This cookie is used by Gmail to verify and authenticate the user. Thus, the user will be given access to Gmail account depending on the cookie he has. So, if you have access to victim account’s cookie and if you inject this cookie in your browser, Gmail will give you the access to victim account. Thus, you will be able to hack Gmail account.

Note: Our main goal here is to capture Gmail GX cookie and insert it into own system. We can only capture cookie when someone is login on his gmail, because cookie destroy with sign out.

Let’s do it practically:(try in on ur own system)

1. To steal Cookie Install Cookie Editor firefox addon on victim computer.

Note: This cookie editor works with Firefox 1.0 – 3.6…. ask me if u dont have old version.

2. Now, go to Tools > Cookie Editor, and search for cookie named GX… and copy its content.
3. Now go to ur own system… install cookie editor firefox addon, login from ur own gmail…. and using 2 step above search for cookie GX….. and click edit button.
4. Now in cookie editor window, replace the content of your GX cookie with the stolen cookie content.
5. Now login with gmail, you will get access of victim account.
Note: If victim is using secure connection, then gmail saves cookie in encrypted from, in this case if u steal cookie, even then also it won’t work.
To know more about Cookie stealing, Keep on visiting…
Soon I will write about…..
  • cookie stealing in network,
  • Cookie stealing using Cross site scripting

Hack Gmail Account using Cookie Stealing, gmail cookie hack, gmail cookie steal,

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s