Can you describe the details of the cookie injection attack you are attempting? Are you actually talking about capturing cookie data from these sniffed sessions and using them in your browser to access the service as the user who owns the cookie?
If you want to know more about how the GMail authentication works Id recommend capturing the logon in an interception proxy like burp and watching the Set-cookie directive returned by the webserver to a successful login. That will let you know the domain of the cookie and whether it has properties such as "Secure" that will require transport via https.
*The standard disclaimer about not using this method to access anyone elses accounts goes here*