UserID and hashed password for Lotus Domino

[Casper Gio <gpedone77 () yahoo it>]

hi,
while doing security tests on a Lotus Domino sistem, I
managed to get the UserID file for a user, and the
hashed password of another user.
I made it accessing thru the Internet, so I was a
totally unpriviligied user. The way I made it, is
simple:

the company I'm doing this test for, left some of the
domino databases open to the public. Among the others,
there's the names.nsf database, wich contains info
about the users. You just access this database with a
url like: 
http://domino_server/names.nsf
Well, one user had his UserID file publicly
accessible, and another user had his password digest
stored in the database.

Is there any way to obtain the password from the
UserID, or to crack and obtain the password from its
hash?
(I read it was released a tool named "sesame"... any
clue? here for more info about it:
http://online.securityfocus.com/news/66 )

I would be interested in demonstrate how to abtain a
password or access to
the system starting from the data I collected on the
Internet.
I would appreciate any help thanks.

Casper


______________________________________________________________________
Mio Yahoo!: personalizza Yahoo! come piace a te 
http://it.yahoo.com/mail_it/foot/?http://it.my.yahoo.com/