[source] host/port "в коде"

[izen]

Видел такую штуку в некоторых защитах. Стало интересно как такое можно сделать.
Как вариант для ct25:

host.asm

Код:

; eurooff ct25 live
;.text:203E4614                 mov     ebp, ds:htons
;.text:203E461A                 lea     edi, [esi+3Ch]
;.text:203E461D                 push    83Ah            ; hostshort
;.text:203E4622                 mov     word ptr [edi], 2 ; AF_INET
;.text:203E4627                 call    ebp ; htons
;.text:203E4629                 mov     edx, [esi+38h]
;.text:203E462C                 push    10h             ; namelen
;.text:203E462E                 push    edi             ; name
;.text:203E462F                 push    edx             ; s
;.text:203E4630                 mov     [esi+3Eh], ax
;.text:203E4634                 call    ds:connect

format PE GUI 4.0 DLL
entry DllMain

include '%fasminc%\win32a.inc'

section '.data' data readable writeable
        dd    0
enginedll    db    'engine.dll',0
lpflOP            dd    0
dwConnFunc    dd    ?
        dd    0
sin        sockaddr_in
        dd    0
szIP        db    '127.0.0.1',0    ; ip
        dd    0
wPort        dw    2106            ; port
        dd    0
IsPatched    dd    0

section '.text' code readable executable

proc    DllMain
    cmp    dword [IsPatched], 1
    je    @F
    call    FindAndHook
    call    FillSockaddr
@@:
    mov    eax, 1
    ret
endp

proc    FillSockaddr                                                            ; fill scokaddr_in struct
    pushad
    mov    ebp, esp
    push    szIP
    call    [inet_addr]
    mov    [sin.sin_addr], eax
    push    [wPort]
    call    [htons]
    mov    word [sin.sin_port], ax
    mov    word [sin.sin_family], AF_INET
    mov    esp, ebp
    popad
    ret
endp


proc    FindAndHook
    pushad
    mov    ebp, esp
    
    push    enginedll
    call    [GetModuleHandleA]                                              ; Search from engine.dll base
    mov    edi, eax
    
    cld
    mov    ecx, 02000000h                                                  ; not more 02000000h
    mov    al, 08Dh                                                        ;
    mov    ebx, 03A683C7Eh                                                 ;
    mov    edx, 066000008h                                                 ;
@@:
    repne    scasb
    jcxz    @F
    cmp    dword[edi], ebx
    jne    @B
    cmp    dword[edi + 4h], edx
    jne    @B
    dec    edi
    cld
    
    push    lpflOP
    push    40h
    push    0Fh
    push    edi
    call    [VirtualProtect]                                                ; in some dll`s code section have RE attr
    
    mov    [dwConnFunc], edi
    
    mov    eax, 090909090h                                                 ; nop old code
    mov    [edi + 06h], eax
    mov    [edi + 07h], eax
    mov    [edi + 0Bh], eax
    
    mov    esi, ClientConnHook
    mov    byte [edi], 068h                                                ; push imm32
    mov    [edi + 1h], esi
    mov    byte [edi + 5h], 0C3h                                           ; ret
    
    mov    [IsPatched], 1
@@:    
    mov    esp, ebp
    popad
    ret
endp

proc ClientConnHook
    mov    edi, dword [dwConnFunc]
    add    di, 0Eh                                                         ; ret lil far
    push    edi
    mov    edi, sin                                                        ; edi - ptr to sockaddr_in
    ret
endp

section '.idata' import data readable
    library kernel32, 'kernel32.dll',\
          ws2_32, 'ws2_32.dll'
    
    import  kernel32,\
                        GetModuleHandleA, 'GetModuleHandleA',\
                        VirtualProtect, 'VirtualProtect'
        import  ws2_32,\
                      inet_addr, 'inet_addr',\
                      htons, 'htons'
                        
                        
section '.edata' export data  readable
    export 'host.dll',\
        DllMain, 'DllMain'
        
section '.reloc' data discardable fixups

[Atlantis.Tor]

Поточнее, что именно необходимо?