A Pakistani Hacker Hacked Gmail,How ?

He shows that how anyone can hack Gmail by these vulnerabilities

A Pakistani Hacker Hacked Gmail,How ?

He shows that how anyone can hack Gmail by these vulnerabilities
Google improves its services by supporting programmers,white hat hackers around the world to search bugs in google and reward them by pointing vulnerability in Google.

Gmail enables its users from in every single place the sector to make use of multiple email addresses and accomplice or link them with Gmail also Gmail enables you to set forwarding addresses so the emails which you acquire are also sent to the one which you’ve forwarded. These two modules have been certainly prone to authentication or verification bypass. It’s similar to account takeover however right here i as an attacker can hijack e-mail addresses through confirming the ownership of e-mail and was competent to use it for sending emails.

Pakistani hacker named “Ahmed Mehtab” used to be listed in Google’s Hall Of Fame for discovering a primary flaw in Gmail which allows someone to hack any e-mail account.If the Vulnerability seems to be the legitimate one then the researchers can count on to acquire as much as $20,000 with the aid of Google.

How It’s Done:-

According to “Ahmad Mehtab”  If you click on the gear button in Gmail and after you will see two modules there one with a name of ” Account and Import ” > ” Send Mail As ” and Forwarding Module was affected. This is a logical vulnerability which allowed me to hijack email addresses from Gmail. Any Gmail address which is associated or connected with Gmails SMTP was vulnerable to this security issue. It could be @gmail.com or @googlemail.com or @googleemail.com etc. We are aware of the fact that Gmail gives us report regarding the mail delivery if email was sent or not, Likely if we send email to any email addresses which does not exist or is offline Gmail will bounce back a message with a subject of Delivery Status Notification which contains the reason why Gmail actually failed to deliver your email to the recipient.

To hijack any email address there should be any of the following case in order to make it successful
  • If recipients smtp is offline
  • If recipient have deactivated his email
  • If recipient dose not exist
  • If recipient exists but have blocked us
  • Cases could be even more 

Ahmed Mehtab ‘ll be the  latest to win the prize money by Google.




Please enter your comment!
Please enter your name here