Based on the exploit posted on the BugTraq mailing list at June, 5th 2000 by Daniel Roethlisberger. (http://www.roe.ch/) The full 'PassWD 1.2 weak 'encryption' exploit' is available here in its entity.
pwd12_decoder.exe