This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

gmail password sniffing

0

How to sniff a Gmail password?

asked 01 Jan '14, 06:31

john6
78810
accept rate: 0%

edited 01 Jan '14, 09:11

grahamb ♦
19.8k330206


3 Answers:

0

Your own, or someone else's?

Not easily as it will be encrypted using https, e.g. see the bottom half of this web page: http://samsclass.info/120/proj/p3-wireshark.htm.

If you can manage a MITM attack then you should be able to capture it, or use a proxy, e.g. Fiddler, as is explained here.

answered 01 Jan '14, 09:25

grahamb ♦
19.8k330206
accept rate: 22%

I want to try on a local machine, not someone else's.

(07 Jan '14, 08:07) john6

Well, give Fiddler a try then.

(07 Jan '14, 08:39) grahamb ♦

See my answer to a similar question:

http://ask.wireshark.org/questions/28647/sniff-a-facebook-password

Same problem, just a different website. So, on your own system, it ends up with using tools like Fiddler.

Regards
Kurt

(08 Jan '14, 08:52) Kurt Knochner ♦

0

I know from Facebook (which uses HTTPS too) that it can be managed by sniffing the cookies.

answered 18 Apr '14, 02:46

astrionn
11113
accept rate: 0%

0

To capture the password of an SSL encrypted page requires you to do at least one of two things:

  1. Have a copy of the SSL private key to decrypt the traffic between you and the server (not going to happen since Google owns this key -- might be valuable if you hosted your own mail or https page)
  2. Use something like an SSL Proxy to perform a Man-In-The-Middle attack. This process allows the SSL Proxy platform to fake-out your system by forcing all outbound HTTPS connections to connect to the proxy and use its SSL Cert and Private key. The proxy will then go out and connect to the remote machine to perform the action you're trying to do.

I've used Charles Proxy (http://www.charlesproxy.com) in the past with great success for viewing SSL encrypted content.

Now... here's the kicker. A smart coder will create some form of a non-reversible, encrypted password before it even leaves your machine to avoid even this type of attack -- granted even this will have its own pitfalls and could be used to fake-out the login with the correct style of attack, but it would prevent the plain-text password from showing.

Also, if you're trying to view something over IMAPS, your best bet might just be to make sure you don't connect over SSL, then using Wireshark to view this traffic is pretty simple.

I'm not familiar with performing any type of Cookie based attack or any other attack for that matter -- My job is simply to perform protocol analysis, which sometimes requires me to defeat SSL based traffic.

answered 21 Apr '14, 09:32

mire3212
11114
accept rate: 0%
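
Added example (not part of the original answers): a sketch of the design point in the last answer, that a password hashed on the client before sending is still a replayable credential unless the server binds each login to a fresh challenge. The class and function names, the salt, and the sample password are constructed for illustration and do not describe how Gmail or any real service authenticates.

```python
import hashlib, hmac, secrets

def derive_verifier(password: str, salt: bytes) -> bytes:
    # Non-reversible value computed on the client before anything is sent.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def client_proof(password: str, salt: bytes, nonce: bytes) -> bytes:
    # Response bound to one server-issued nonce (hypothetical scheme).
    return hmac.new(derive_verifier(password, salt), nonce, hashlib.sha256).digest()

class StaticHashServer:
    """Weak design: the client-side hash itself is the login credential."""
    def __init__(self, verifier: bytes):
        self.verifier = verifier
    def login(self, submitted: bytes) -> bool:
        return hmac.compare_digest(submitted, self.verifier)

class ChallengeServer:
    """Hardened design: each login must answer a single-use random nonce."""
    def __init__(self, verifier: bytes):
        self.verifier = verifier
        self.pending = set()
    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self.pending.add(nonce)
        return nonce
    def login(self, nonce: bytes, proof: bytes) -> bool:
        if nonce not in self.pending:
            return False              # unknown or already used nonce
        self.pending.discard(nonce)   # single use, even if the proof is wrong
        expected = hmac.new(self.verifier, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(proof, expected)

def demo() -> dict:
    salt, password = b"constructed-salt", "constructed-password"
    verifier = derive_verifier(password, salt)
    # Static hash: the value seen on the wire is accepted again as-is.
    static = StaticHashServer(verifier)
    on_wire = derive_verifier(password, salt)
    results = {"static_replay_accepted": static.login(on_wire)}
    # Challenge-response: a recorded proof fails once its nonce is spent.
    server = ChallengeServer(verifier)
    n1 = server.challenge()
    proof = client_proof(password, salt, n1)
    results["fresh_login"] = server.login(n1, proof)
    results["same_nonce_replay"] = server.login(n1, proof)
    results["new_nonce_replay"] = server.login(server.challenge(), proof)
    return results

if __name__ == "__main__":
    print(demo())
```

In the hardened sketch the stored verifier is still password-equivalent if the server's database leaks, and a session cookie issued after login needs its own protection.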