It can be useful to know how to hack a Gmail address, especially if you lose your account password. It would also be a good way to test the security of your account. There are several ways to do this, but most of the methods involve obtaining the account password through other means. You should know that it is illegal to hack another person's Gmail account.
Method 1 of 4: Know what to expect
Step 1. Understand what the limits are
Gmail is an incredibly secure service. The only way to "hack" someone's account would be to steal their password. If your target has a two-factor authentication system in place, you will also need their cell phone. There is no other way to overcome a two-factor authentication system.
Step 2. Understand the legal issues this could cause
In most parts of the world, it is absolutely illegal to access another person's email account without their permission. This article has been written for educational purposes only.
Method 2 of 4: Use a keylogger
Step 1. Find a keylogger program that meets your needs
This is a program that records keystrokes made from the computer on which it is installed. There are several types of keyloggers, free or not, with varying degrees of stealth in the computer. You should consider all of your options thoroughly. Here are some popular programs:
- Actual Keylogger
- Spyrix Free Keylogger
- BlackBox Express
Step 2. Install the keylogger on the target computer
You will need administrator access on this target computer. On many computers, the password is “admin” or there simply isn't one.
- The keylogger installation process depends on the program you are using.
- It is illegal to install a keylogger without the consent of the person using the computer.
Step 3. Start the keystroke logging service
Start the service so that it starts recording keystrokes. The process depends on the program you are using. If the program offers multiple features, you may need to configure it for keylogging.
Step 4. Watch for keystrokes
Leave the keylogger on while the target is using the computer. The program will probably capture a lot of information. You will be able to filter the information according to the window in which the keystrokes are performed.
Step 5. View the passwords
Some programs will email the passwords to you. Others will require you to export them from the computer the program is running on. Scroll through the passwords until you find the one that you think matches the Gmail account. You may be able to filter it through the Gmail login page.
If the program does not email you passwords, you will need to access them from the computer on which it is installed
Method 3 of 4: Use the browser's password manager
Step 1. Open the browser used by your target
This is the one she uses to go online on her computer. You must have access to the person's computer for this. Try to do this when she is out of the room and you know you have a few quiet minutes.
Open a link from an e-mail message or a help menu, to launch the default browser
Step 2. Open the password manager
Note that the process for accessing the password manager differs depending on the browser used.
- Internet Explorer: click on the gear button or on the Tools menu and select "Internet Options". Click on the "Content" tab, then on the "Settings" button in the "AutoComplete" section. In the new window, select "Manage passwords".
- Chrome: click on the Chrome Menu button (☰) and select “Settings”. Click on the "Show advanced settings" link, then scroll down to the "Passwords and forms" section. Click on “Manage passwords”.
- Firefox: click on the Firefox Menu button (☰) and select “Options”. Click on the "Security" tab, then on "Saved passwords".
- Safari: click on the "Safari" menu, then select "Preferences". Click on the “Passwords” tab.
Step 3. Find your target's Google account password
Use the password manager's search bar to search "Google". This is the fastest way to reduce the password list. Find the "accounts.google.com" entry for the target's Gmail address.
Step 4. Display the password
Select the password, then click the "Show" or "Show password" button. You might need to display the computer administrator password so that the passwords can be viewed.
Step 5. Enter the password, then close the password manager
Write down the password, as well as the exact Gmail address. Close the password manager when you are finished taking your notes.
Step 6. Try this password from another computer
If your target hasn't enabled two-factor authentication, you should be able to access their account. The target will likely be notified that a connection attempt has been made from another computer.
If the target has two-factor authentication enabled, you will need the code sent to their cell phone. There is no other way to find the password
Method 4 of 4: Use a packet sniffer
Step 1. Understand how the process works
When someone signs in to Gmail (or any other authentication service), a file called a "cookie" is sent to their computer. This cookie allows the user to stay logged in even if they leave Gmail. A packet sniffer will be able to find cookies transferred over a wireless network. When you find a Gmail cookie, you can open it on your computer and you can potentially access your target's mailbox. You will need to be connected to the same Wi-Fi network as your target for this.
- This method will not work if your target has encryption enabled (https://). As this feature is enabled by default on Gmail, its usefulness is limited.
- It is illegal to use a packet sniffer on a public network to intercept data.
Step 2. Download and install Wireshark
This is a free network monitoring service that you can download from wireshark.org. It is available for Windows, Mac and Linux. Its installation is simple, you just have to follow the installation instructions as you do for most programs.
During installation, make sure that you also install the TShark component. It is very important to catch cookies on the wireless network. You will also need to install WinPcap
Step 3. Download Cookie Cadger
This is a Java program that will find cookies that are sent over the wireless network and intercept them. This program does not require installation. It works the same on all operating systems.
You will need to have Java 7 to be able to use Cookie Cadger. You can download Java from java.com/download. See How to Install Java to learn more
Step 4. Connect to the same wireless network as your target
You will need to be connected to the same wireless network as your target. It means you have to be close to it.
Step 5. Launch Wireshark
Wireshark must be open for Cookie Cadger to work.
Step 6. Launch Cookie Cadger and select your wireless adapter
Select the adapter connected to the wireless network from the drop-down menu. You should see insecure cookies from other network users displayed in the main frame.
Step 7. Use the domain filter to find Google cookies
The second column will display the list of domains in which Cookie Cadger has found cookies. Look for Google domains, especially mail.google.com.
Remember that this can only work if the target is not using an "https" connection. If its connection is secure, you will not be able to find cookies
Step 8. When you have found a Gmail cookie, click “Resend Request”
The cookie will be loaded on your web browser. The right cookie will take you directly to the target's mailbox.
Once the person logs out, you can no longer access their Gmail account
- Many programs claiming to be able to hack Gmail accounts are in fact scams.
- The sole purpose of this article is to educate people about computer security issues.