@simon816
Created August 15, 2018 20:48
Decrypt HTC LucyNotes data
#!/bin/bash
# copy /sdcard/.data/LucyNotes and /data/data/com.htc.lucy/databases/htcnotes.db
# into a directory with this script and run it

# The key and IV are stored base64-encoded in the kv table; openssl wants them as hex
key=$(sqlite3 htcnotes.db "select v from kv where k='k'" | sed '/^$/d' | base64 -d | xxd -ps | paste -sd '' -)
iv=$(sqlite3 htcnotes.db "select v from kv where k='iv'" | sed '/^$/d' | base64 -d | xxd -ps | paste -sd '' -)
# Encrypted files have "_e" before the extension
find LucyNotes/ -type f -name '*_e.*' | while IFS= read -r file; do
    # Drop the "_e" marker and mirror the tree under LucyNotes.decrypted
    out=$(echo "$file" | sed 's/_e\././' | sed 's/LucyNotes/LucyNotes.decrypted/')
    mkdir -p "$(dirname "$out")"
    openssl enc -d -aes-256-cbc -K "$key" -iv "$iv" -in "$file" -out "$out"
done
@simon816
Author

@oh-oh-seven This script was written for the M9. Are there other apps' data in the /data/data directory? You'll probably need root to access it.
If you had disk encryption enabled, you'll need to make sure the passcode has been entered on the device before being able to see /data/data.
Some other places of interest: /data/user/0 (normally just a symlink to /data/data), /data/user_de/0. Basically anything in /data. You could even run grep and find on the whole /data partition to see if anything turns up.
If we assume the encryption scheme is the same as what my phone had (aes-256-cbc), then you'll need to look for the key and IV (initialisation vector). Try looking through all files in /data/data/com.htc.lucy/ for references to these, shared_prefs may have it.

If you can't find anything there's a chance that the key and IV are hard-coded in the app. Even if that were the case, I'd expect there to still be a database for user settings etc.
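
One way to carry out the search suggested in the comment above, as an added example that is not part of the gist or its author's code: it lists base64 strings in text files (such as shared_prefs XML) of a pulled app-data directory that decode to exactly 16 or 32 bytes. The function names are hypothetical, and it assumes the values use standard padded base64, like the kv table values the script decodes.

```bash
#!/bin/bash
# Added example, not part of the gist: list base64 strings in the text files
# (e.g. shared_prefs XML) of a pulled app-data directory that decode to
# exactly 16 bytes (CBC IV size) or 32 bytes (AES-256 key size).
# Assumption: values use standard padded base64, like the kv table values
# the gist script pipes through `base64 -d`.

# Classify a base64 token by its padded length; fails for any other size.
#   22 chars + "==" = 16 bytes, 43 chars + "=" = 32 bytes
classify_b64() {
    case "${#1}:$1" in
        24:*==) echo iv16 ;;
        44:*==) return 1 ;;      # 42 chars + "==" is 31 bytes, not a key
        44:*=)  echo key32 ;;
        *)      return 1 ;;
    esac
}

# Decode a base64 token and print it as one hex string, the form
# `openssl enc -K/-iv` expects.
b64_to_hex() {
    printf '%s' "$1" | base64 -d 2>/dev/null | od -An -v -tx1 | tr -d ' \n'
}

# Print "kind<TAB>hex<TAB>file" for every candidate under directory $1.
# -I skips binary files such as SQLite databases; query those with sqlite3.
find_key_iv_candidates() {
    local line file tok kind
    grep -rIoHE '[A-Za-z0-9+/]{22,}={1,2}' "$1" 2>/dev/null |
    while IFS= read -r line; do
        file=${line%:*}   # a token never contains ':', so split on the last one
        tok=${line##*:}
        kind=$(classify_b64 "$tok") || continue
        printf '%s\t%s\t%s\n' "$kind" "$(b64_to_hex "$tok")" "$file"
    done
}

# Usage: ./find_candidates.sh ./com.htc.lucy
if [ "$#" -gt 0 ]; then
    find_key_iv_candidates "$1"
fi
```

A hit only says the value has the right size; confirm a key/IV pair by decrypting one file with it and checking that the output is a valid file of the expected type.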
