Recent Articles

Steal Gmail Cookie:Cookie Stealing Part 2








In last part i have explained the basics of cookie stealing, and happy to know that many of you are really excited to get the second part...thanks to all for their precious comments :)


In this part i will explain cookie stealing in some more detail. But before explaining tough part of cookie stealing, for the ease of beginner, i am explaining only a simple way of 'cookie stealing and inserting' when the attacker has physical access to victim's system.
Practically you rarely can get a chance to hack using this method, but i need to explain this way also so that  beginners can get some more knowledge before going for hard part ;) 


Before going further, i recommend you to read this article, in order to get good grasp of the topic:

How cookie Stealing Hack Works : Basic about Session Hijacking


For explaining the things here, i am taking example of gmail.com, How one can steal gmail cookie, and how to hack gmail account using that stolen cookie.


About Gmail Cookie:


Gmail usually stores its session authentication information in cookie named “GX”. This cookie is used by Gmail to verify and authenticate the user. Thus, the user will be given access to Gmail account depending on the cookie he has. So, if you have access to victim account’s cookie and if you inject this cookie in your browser, Gmail will give you the access to victim account. Thus, you will be able to hack Gmail account.


Note: Our main goal here is to capture Gmail GX cookie and insert it into own system. We can only capture cookie when someone is login on his gmail, because cookie destroy with sign out.




Let's do it practically:(try in on ur own system)



1. To steal Cookie Install Cookie Editor firefox addon on victim computer.


Note: This cookie editor works with Firefox 1.0 - 3.6.... ask me if u dont have old version.
2. Now, go to Tools > Cookie Editor, and search for cookie named GX... and copy its content.

3. Now go to ur own system... install cookie editor firefox addon, login from ur own gmail.... and using 2 step above search for cookie GX..... and click edit button.
4. Now in cookie editor window, replace the content of your GX cookie with the stolen cookie content.
5. Now login with gmail, you will get access of victim account.
Note: If victim is using secure connection, then gmail saves cookie in encrypted from, in this case if u steal cookie, even then also it won't work.
Cookie editor for Chrome users 


To know more about Cookie stealing, Keep on visiting... 
Soon I will write about..... 
  • cookie stealing in network, 
  • Cookie stealing using Cross site scripting

Hack Gmail Account using Cookie Stealing, gmail cookie hack, gmail cookie steal, 
If you want more hacking tutorials, check out other posts under category Hacking.

author

Written by:Surbhi

Surbhi is Founder of Techbyte4u.com. Follow her on Twitter or email her

Bookmark and Share

5 comments for this post

  1. BUT THIS COOKIE EDITOR IS AVAILABLE ONLY 4 Firefox 1.0 - 3.6.* . PLZ WRITE 4 SOME OTHER ADD-ONE .

  2. In firefox go to Tools >> Options and click on "Content" tab and check on to "Enable JavaScript and then try to refresh page and I hope it will not ask that again

  3. @Amandeep,
    here are more cookie editors
    for firefox:
    https://addons.mozilla.org/en-US/firefox/addon/edit-cookies/

    for chrome:
    https://chrome.google.com/webstore/detail/fngmhnnpilhplaeedifhccceomclgfbg

  4. Waiting for more on this artical - cookie stealing in network,
    Cookie stealing using Cross site scripting!!!!!!!!!!

  5. @Surbhi :please remove the leftsidebars of SNS at your site as it is annoying and makes your post difficult to read.Put it somewhere else like bottom side of window.

Leave a reply

TechByte4U on Facebook
Popular Posts