There is an app (available as download link) written in QT which uses QSettings in order to save UI data to registry (such as value from edit boxes, etc).
For example, the [login to view URL] thing is saved to registry as a string, which is obviously easy.
However, [login to view URL] is saved in binary, and I would love to be able to replicate the same encoding algorithm.
I don't necessarily need to discover the decoding algorithm, because i don't really need it.
But i want to be able to write myself new values in registry for the [login to view URL] field, so the original app will use them.
So, the original app can be downloaded from here: http://zomfy.com/mJHLl8c&a=dcaf9bc3bf6c3c0bffebb58375045a1d
I need to detect what encryption algorithm is used. Here are some examples:
string is '0', Encrypted HEX is: 46 af
string is '00', Encrypted HEX is: 46 af 8f e1
string is '000', Encrypted HEX is: 46 af 8f e1 36 8a
string is '1', Encrypted HEX is: 47 af
string is '2', Encrypted HEX is: 44 af
string is '3', Encrypted HEX is: 45 af
string is '4', Encrypted HEX is: 42 af
string is '5', Encrypted HEX is: 43 af
string is 'a', Encrypted HEX is: 17 af
string is 'b', Encrypted HEX is: 14 af
string is 'c', Encrypted HEX is: 15 af
string is 'd', Encrypted HEX is: 12 af
Instructions about the original app
1. Install the app
2. Open it. Input in username and password any values you want, and after that, tick "remember me" checkbox and you can close the app
3. Go to REGISTRY editor, and navigate to HKEY_CURRENT_USER\Software\Docler Holding\jasmincam\ui
In there, you will notice [login to view URL] entry, which holds the password that was encrypted by that software
"[login to view URL]"=hex:46,af,8e,e1,34,8a,99,fc,c7,5c,f0,96,80,52,bd,b2,3b,b0,f1,06
This is for string "0123456789" (without double quotes ofc)
So, feel free to test as many input values as you want.