Passwords for WS_FTP (available here) are stored in the ws_ftp.ini file in the format:
PWD=VAE14E12F61EF8FE8DEC0332931D366797167A6AA80A5AA71
The plaintext password (up to 32 characters) is 'encrypted' (actually just obfuscated) by using a 32-bit 'salt' of random hexidecimal numbers, and then adding the position of the digit to the digit and calculating 57 modulo 47 plus this number. Modulo is the remainder when one number is divided by another.
The 'ciphertext' is converted to plaintext by performing the reverse. Have a look at the source of this page for a javascript implementation.
Notice how for a single password, a great number of valid ciphertext strings are possible, thanks to the 32-bit random salt. Each of these strings can be decoded to get the same plaintext password.
Enter in the box below either;
1. A plaintext password, maximum length 32 characters and click 'encode' to get the ciphertext
2. Ciphertext from the ws_ftp.ini file (or else generated from encoding a password) and click 'decode' to get the plaintext
I've put together an excel file walkthrough available here (43kb). It has two macros to convert hex->dec and dec->hex which may cause a security warning, but hey, they're harmless. Don't you trust me!?
Email me at alex[at]bacik.ie for questions / comments.