1bitshort
November 5th, 2004, 12:51
Eesh, from recent posts you'd think packers like UPX/PKlite etc had some seriously hardcore protection
Bruno,
Packers like UPX, PKLite, FSG and so on really are very trivial to unpack - it takes longer to load a script to automate an unpacking of UPX than to do it manually (to do manually just breakpoint on popad and you'll be just an instruction or two away from the Original Entry Point). Usually all you need to look for is a jump that goes outside the main decompression code. There are things like OEP obfuscation that can work against you there, but that's only in packers with anti-debug capabilities. PKLite has no anti-debug capabilities or other protections, it's just a "vanilla" packer that does nothing more than it needs to.
I just had a quick look at it then (it's been a few years), and here's a disassembly (it's even easier than UPX!) ...
00475000 > $ 68 80504700 PUSH delphi7.00475080 ; /Arg3 = 00475080
00475005 . 68 FCF34A00 PUSH delphi7.004AF3FC ; |Arg2 = 004AF3FC
0047500A . 68 00000000 PUSH 0 ; |Arg1 = 00000000
0047500F . E8 E8A30300 CALL delphi7.004AF3FC ; \delphi7.004AF3FC
00475014 .^E9 5B87FEFF JMP delphi7.0045D774
That last JMP is to the OEP.
Thank you, please drive through.
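The claim that the final JMP lands on the OEP can be checked with nothing more than rel32 arithmetic, and the same check is the "jump that goes outside the decompression code" heuristic the post describes. The script below is an added example, not code from the post or from any unpacking tool: it decodes just the four opcodes the listing uses (PUSH imm32, CALL rel32, JMP rel32, POPAD), resolves relative targets, and reports the first unconditional jump that leaves the stub's own address range. The first byte string is transcribed from the listing above; the second (a POPAD followed by a JMP at a made-up base) is a constructed stand-in for the UPX-style tail the post mentions, with assumed addresses.

```python
"""
Locate a trivial packer stub's tail jump: the first JMP whose target lies
outside the stub's own address range.  Only the opcodes present in the
PKLite listing are decoded; anything else stops the walk.
"""
import struct

# Transcribed from the disassembly in the post (five instructions at 0x00475000).
PKLITE_BASE = 0x00475000
PKLITE_STUB = bytes.fromhex(
    "6880504700"   # PUSH 00475080
    "68FCF34A00"   # PUSH 004AF3FC
    "6800000000"   # PUSH 0
    "E8E8A30300"   # CALL 004AF3FC   (the decompressor; expected to leave the stub)
    "E95B87FEFF"   # JMP  0045D774   (tail jump to the OEP)
)

# Constructed sample of a UPX-style tail (POPAD; JMP rel32); base and target are assumed.
UPX_TAIL_BASE = 0x00410000
UPX_TAIL = bytes.fromhex(
    "61"           # POPAD
    "E9FA0FFFFF"   # JMP rel32 -> 0x00401000 (0x00410006 - 0xF006)
)


def rel32_target(insn_addr, insn_len, rel_bytes):
    """Target of an E8/E9 rel32: address of the next instruction plus the signed displacement."""
    (disp,) = struct.unpack("<i", rel_bytes)
    return (insn_addr + insn_len + disp) & 0xFFFFFFFF


def decode_stub(code, base):
    """Linear decode of PUSH imm32 / CALL rel32 / JMP rel32 / POPAD.

    Returns a list of (address, mnemonic, operand); operand is the immediate for
    PUSH, the resolved target for CALL/JMP, and None for POPAD.  Stops at the
    first opcode this tiny decoder does not know.
    """
    out, off = [], 0
    while off < len(code):
        addr, op = base + off, code[off]
        if op == 0x68 and off + 5 <= len(code):            # PUSH imm32
            (imm,) = struct.unpack("<I", code[off + 1:off + 5])
            out.append((addr, "PUSH", imm))
            off += 5
        elif op in (0xE8, 0xE9) and off + 5 <= len(code):  # CALL / JMP rel32
            tgt = rel32_target(addr, 5, code[off + 1:off + 5])
            out.append((addr, "CALL" if op == 0xE8 else "JMP", tgt))
            off += 5
        elif op == 0x61:                                    # POPAD
            out.append((addr, "POPAD", None))
            off += 1
        else:
            break
    return out


def find_tail_jump(code, base):
    """(address, target) of the first JMP leaving [base, base+len(code)), or None.

    CALLs are deliberately ignored: a stub calls its decompressor, which also
    lives outside these few bytes, but control returns; only the JMP is final.
    """
    lo, hi = base, base + len(code)
    for addr, mnem, operand in decode_stub(code, base):
        if mnem == "JMP" and not (lo <= operand < hi):
            return (addr, operand)
    return None


if __name__ == "__main__":
    for name, code, base in (("PKLite stub", PKLITE_STUB, PKLITE_BASE),
                             ("constructed UPX tail", UPX_TAIL, UPX_TAIL_BASE)):
        for addr, mnem, operand in decode_stub(code, base):
            print(f"{addr:08X}  {mnem:5s} {'' if operand is None else f'{operand:08X}'}")
        tail = find_tail_jump(code, base)
        print(f"{name}: tail jump at {tail[0]:08X} -> candidate OEP {tail[1]:08X}\n")
```

Running it on the transcribed bytes resolves the CALL to 004AF3FC and the JMP to 0045D774, matching the listing, which is the arithmetic you would do by hand when a debugger is not available. On the constructed tail it reports the JMP immediately after POPAD, which is the spot the post says to break on.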
