Looks well, but I'm not sure if you can call functions in buffer for data. Does SDKCall() already call VirtualProtect() with execute flag? What about Linux? Probably we can call kernel with int 80h. This makes me think you can exploit/hack servers/OS only with embedding shellcode in plugin.