If you’re looking to capture SAP Passwords by sniffing your network then the simplest and easiest way has to be using Cain and Abel. Cain and Abel is a fantastic tool which I’m been using for many years and was very pleasantly surprised to see the latest version 4.9.43 supports capturing and decompressing the SAP Diag protocol.

For a demo of how to capture SAP passwords using Cain and Abel see my video below.

In order to combat the vulnerability of having your SAP passwords sniffed then SAP recommends using SNC to provide end to end encryption but I have to admit I’ve not yet seen a company with this implemented. A good alternative method would be to encrypt everything on your network by using IPSEC

If you’re looking for a more in depth network capture of the SAP DIAG protocol then see my Wireshark Posting on the same topic.