Hi All

How can i hack Gmail.

i have a squid server and now on this 25 user are connected.now i want to sniff
gmail password .

Hi and welcome to ethicalhacker.net.

This site is called ethicalhacker.net because it is devoted to ETHICAL hacking. You request doesn't sound all that ethical, it sounds illegal more than anything else. Perhaps you can elaborate in your request if you think it's within the realm of ethical hacking.

Jimbob

Also, you do need a packet sniffer like RoleReversal said, but I would research public key and private key encryption and in order to crack the passwords you do get from sniffing the traffic would require you to get goggles private key.. I don't see that happening.. but hey, anythings possible.

Sayonara.yoga,

if this is the case then you may be able to contact Google direct to determine if your confidential information is there, but I suspect you may need smoking gun evidence and possibly a police warrant.

Alternatively if you have information related to a specific individual you may be able to contact them directly and request that they show your their account. They may subscribe to 'nothing to hide....', of course if they are smart then any evidence will be deleted so access to their gmail account will not be of any use.

Finally even though it is a corporate network and corporate information I would advise reviewing your policies and/or contracts as it may still be illegal to sniff the passwords from the network. This could potentially get both your self and your employer into a whole heap of trouble.

As others have said, gmail should be encrypted therefore merely sniffing the traffic on your proxy may not be sufficient. I do not believe this is the most logical, legal or practical approach, but without knowing your environment better it is difficult to suggest a better course of action.

If it is causing problems and data leakage then you could/should review corporate policy and block access to gmail et.al. just be aware that in this day and age a sufficiently privileged insider will usually be able to find some way of removing data from safe storage. Often improving the audit-trail capabilities of your environment is enough to stop insiders doing unwanted activities as it increases the prospect of getting caught.

Hope this helps.

RR

I agree that if an employee is doing this, there are some technical as well as non-technical steps to now take. Talk to management to see how they want to proceed.

In the future, I would consider putting in a Data Loss Prevention product like Vontu or Vericept to look at the data before allowing it to go outside of your organization.

Hope this helps,
Don

PS - A couple pieces of advice. All caps in text communications means you are yelling. I'm sure that's not what you meant. Secondly, asking how to hack gmail will get the wrong reaction (as you saw) from our community. Stating it as a professional issue clearly got you more info.

There are so many levels of problems here.  If this is the case, it is still not legal to break someones personal email account.  You cant take thier password and rummage through thier account. 

but you can examine the computer.  This is done every day.  Just get a forensic examiner to check it out.  With encase you can peice together a bunch of interesting things like webmail pages.  Plus, if it turns into litigation, you stealing a password isnot going to help matters.

Digging around peoples personal email accounts.. even if they are checking them from YOUR offices... is a bad bad idea from a legal stand point.  Recording what they type ironically is much much less difficult to explain, and fairly easy if you have pre-existing policies signed by the said employees.  So, if you are indeed an admin of an office... careful where you dig.  If you're using that as an excuse to try and dig into peoples private email boxes, and arn't being told to do this for a business... get ready for Bubba's lovin.

You sure? Personally I'd check with my legal department. This may not be universally true.