Want to test the security of a Gmail account? Whether you want to hack your own or someone else's Gmail account (with permission, of course), you have several tools at your disposal. This wikiHow article will teach you how to use tools like keyloggers, packet sniffers, and your web browser's own password manager to break into a Gmail address. Keep in mind that hacking into someone else's email account is unethical and illegal in most regions, so do so at your own risk.


Method 1
Method 1 of 4:

Managing Your Expectations

  1. 1
    Understand the limitations. Gmail is an incredibly secure service. The only way you'll be able to "hack" into someone's account is by stealing their password. If your target has two-factor authentication, you'll need their mobile device as well. There is no other way around two-factor authentication.
  2. 2
    Understand the legality. It is absolutely illegal in most areas to access someone's email account without authorization. This article is for educational purposes only.
  3. Advertisement
Method 2
Method 2 of 4:

Using a Keylogger

  1. 1
    Find a keylogger program that suits your needs. A keylogger is a program that logs the keystrokes on the computer it is installed on. There are a variety of keylogger programs available for free or for purchase online, with varying degrees of stealthiness. Be sure to research all of your options carefully. Popular programs include:
    • Actual Keylogger
    • Spyrix Free Keylogger
    • BlackBox Express
    • KidLogger
    • NetBull
    • Lola
  2. 2
    Install the keylogger on the target's computer. This will require administrator access to the target's computer. On many computers, the password will be "admin" or will just be blank.
    • The process for installing the keylogger varies depending on the program you are using.
    • Installing a keylogger without the other person knowing is illegal.
  3. 3
    Start the keylogger service. Start the service so that it begins recording keystrokes. The process for this will vary depending on the program you are using. You may have to configure the program to record keys if it has multiple functions.
  4. 4
    Let the keylogger run while the target uses the computer. The keylogger will likely capture a lot of information. You can filter based on the window that the user is typing in.
  5. 5
    View the logs. Some keyloggers will send the logs to your email. Others will require you to export them from the computer that the program is running on. Browse through the logs until you find what you suspect to be the target's Gmail password. You may be able to filter by the Gmail login page.
    • If the keylogger doesn't send you the logs via email, you'll need to access the program on the computer you installed it on to view them.
  6. Advertisement
Method 3
Method 3 of 4:

Using the Browser's Password Manager

  1. 1
    Open the web browser that your target uses on their computer. You must have access to that person's computer. Try this when they're out of the room or you know that you have a few minutes alone.
    • Open a link from an email or a Help menu to launch the default browser.
  2. 2
    Open the password manager. The process for accessing the password manager is different depending on the browser you are using.
    • Internet Explorer - Click the Gear button or the Tools menu and select "Internet Options." Click the "Content" tab and then click the "Settings" button in the AutoComplete section. Select "Manage Passwords" from the new window.
    • Chrome - Click the Chrome Menu button (☰) and select "Settings." Click the "Show advanced settings" link and then scroll to the "Passwords and forms" section. Click "Manage passwords."
    • Firefox - Click the Firefox Menu button (☰) and select "Options." Click the "Security" tab and then click "Saved Passwords."
    • Safari - Click the Safari menu and select "Preferences." Click the "Passwords" tab.
  3. 3
    Find the password for your target's Google account. Use the search bar in the password manager to search for "google". This is the quickest way to narrow down the list of passwords. Look for the "accounts.google.com" entry for the target's Gmail address.
  4. 4
    Display the password. Select the password and then click the "Show" or "Show Password" button. You may have to enter the administrator password for the computer before the passwords are displayed.
  5. 5
    Write down the password and then close the password manager. Make note of the password as well as the exact Gmail address. Close the password manager when you are done to cover your tracks.
  6. 6
    Try the password from another computer. If the target has not enabled two-factor authentication, then you should be able to access the account. The target will likely be notified that a login has occurred from an unknown browser.
    • If the target has two-factor authentication activated, then you will need the code that is sent to their mobile device. There is no way around this if it is activated.
  7. Advertisement
Method 4
Method 4 of 4:

Using a Packet Sniffer

  1. 1
    Understand the process. Whenever someone logs into Gmail (or any other login service), a file called a "cookie" is sent to their computer. This cookie allows the user to stay logged in, even if they leave Gmail. A packet sniffer can find cookies being transferred over a wireless network. When you find a Gmail cookie, you can open it on your computer and potentially access your target's inbox. You'll need to be connected to the same wireless network as your target.
    • This method will not work if your target has encryption enabled (https://). This is enabled by default in Gmail, so its usefulness is limited.[1]
    • Using a packet sniffer on a public network to intercept traffic is illegal.
  2. 2
    Download and install Wireshark. Wireshark is a free network monitoring utility that you can download from wireshark.org. It is available for Windows, Mac, and Linux. Installing Wireshark is a straightforward process. Follow the prompts like you would with most programs.[2]
    • During installation, make sure to install the TShark component. This is essential for grabbing cookies over the wireless network. You will also need to install "WinPcap."
  3. 3
    Download Cookie Cadger. This is a Java program that will find and intercept cookies being sent across the wireless network. Cookie Cadger doesn't need to be installed. It works the same in every operating system.
    • You will need to have Java 7 installed in order to use Cookie Cadger. You can download Java from java.com/download. See How to Install Java for more details.
  4. 4
    Connect to the same wireless network your target is connected to. You will need to be connected to the same wireless network as your target. This means you'll need to be close.
  5. 5
    Launch Wireshark. Wireshark will need to be running in order for Cookie Cadger to work.
  6. 6
    Run Cookie Cadger and select your wireless adapter. Select the adapter connected to the wireless network from the drop-down menu. You should see the main frame populate with unsecured cookies from other people using the network.
  7. 7
    Use the domain filter to find Google cookies. The second column will display a list of domains that Cookie Cadger is finding cookies for. Look for Google domains, particularly mail.google.com.
    • Remember, this only works if the target is not using https. If their connection is secure, you will not be able to find the cookie.
  8. 8
    Click "Replay This Request" when you've found a Gmail cookie. This will load the cookie into your own web browser. The right cookie will take you directly to the target's inbox.
    • You will no longer be able to access their Gmail when the person logs out.[3]
  9. Advertisement

Community Q&A

  • Question
    Can I do it without accessing the victim's PC?
    Community Answer
    Community Answer
    You could, but a large amount of social engineering would be required. You would have to get the user to install a keylogger as some other application.
  • Question
    Can my phone be hacked if I make another Gmail account for another person from my phone?
    Community Answer
    Community Answer
    No, your phone will not get hacked. Just make sure to log out of the other Gmail account before making a new one.
  • Question
    Is it illegal for me to hack into someone else's Google account and change the password?
    Community Answer
    Community Answer
    Yes. It is very illegal and could get you into serious trouble.
Advertisement

Warnings

  • Beware that many of the software programs claiming to hack Gmail accounts are scams.
    ⧼thumbs_response⧽
  • The sole purpose of this article is to impart knowledge and make people aware of security concerns.
    ⧼thumbs_response⧽
Advertisement

About This Article

wikiHow is a “wiki,” similar to Wikipedia, which means that many of our articles are co-written by multiple authors. To create this article, 125 people, some anonymous, worked to edit and improve it over time. This article has been viewed 5,016,623 times.
How helpful is this?
Co-authors: 125
Updated: March 21, 2023
Views: 5,016,623
Categories: Gmail | Hacks
Article SummaryX

You can learn how to hack your Gmail account to test its security or in case you have lost your password, but remember that hacking someone else’s account is illegal. One way to hack your Gmail is to open your password manager. Use the search bar in the password manager to search for “google.” Then, look for “accounts.google.com” to find the Gmail address. Select the password, then click the “Show” or the “Show Password” button. After you copy down the password, type it into your Gmail login page. If you have two-factor authentication activated, you’ll also need the code sent to your mobile phone to access the account. To learn how to use a Packet Sniffer to hack into your Gmail account, keep reading!

Did this summary help you?
Advertisement