2516 lines of programming isn't as bad as when writing dissertations or stuff :P
DOn't let that discourage you from getting into programming, its tons of fun :)
Code:
Func sendPacket($packet, $packetSize)
Local $pRemoteThread, $vBuffer, $loop, $result, $OPcode
$functionAddress = DllCall($kernel32, 'int', 'VirtualAllocEx', 'int', $mid, 'ptr', 0, 'int', 0x46, 'int', 0x1000, 'int', 0x40)
$packetAddress = DllCall($kernel32, 'int', 'VirtualAllocEx', 'int', $mid, 'ptr', 0, 'int', $packetSize, 'int', 0x1000, 'int', 0x40)
$OPcode &= '60' ;PUSHAD
$OPcode &= 'B8'&_hex($SendPacketAddress) ;MOV EAX, sendPacketAddress
$OPcode &= '8B0D'&_hex($realBaseAddress) ;MOV ECX, DWORD PTR [revBaseAddress]
$OPcode &= '8B4920' ;MOV ECX, DWORD PTR [ECX+20]
$OPcode &= 'BF'&_hex($packetAddress) ;MOV EDI, packetAddress //src pointer
$OPcode &= '6A'&_hex($packetSize) ;PUSH packetSize //size
$OPcode &= '57' ;PUSH EDI
$OPcode &= 'FFD0' ;CALL EAX
$OPcode &= '61' ;POPAD
$OPcode &= 'C3' ;RET
; --- enter the asm code to to a dllstruct, which can be used with WriteProcessMemory ---
$vBuffer = DllStructCreate('byte[' & StringLen($OPcode) / 2 & ']')
For $loop = 1 To DllStructGetSize($vBuffer)
DllStructSetData($vBuffer, 1, Dec(StringMid($OPcode, ($loop - 1) * 2 + 1, 2)), $loop)
Next
; --- now letz write the code from our dllstruct ---
DllCall($kernel32, 'int', 'WriteProcessMemory', 'int', $mid, 'int', $functionAddress[0], 'int', DllStructGetPtr($vBuffer), 'int', DllStructGetSize($vBuffer), 'int', 0)
; --- enter the packet code to to a dllstruct, which can be used with WriteProcessMemory ---
$vBuffer = DllStructCreate('byte[' & StringLen($packet) / 2 & ']')
For $loop = 1 To DllStructGetSize($vBuffer)
DllStructSetData($vBuffer, 1, Dec(StringMid($OPcode, ($loop - 1) * 2 + 1, 2)), $loop)
Next
; --- now letz write the code from our dllstruct ---
DllCall($kernel32, 'int', 'WriteProcessMemory', 'int', $mid, 'int', $packetAddress[0], 'int', DllStructGetPtr($vBuffer), 'int', DllStructGetSize($vBuffer), 'int', 0)
; --- now we run the asm code we've just written ---
$hRemoteThread = DllCall($kernel32, 'int', 'CreateRemoteThread', 'int', $mid, 'int', 0, 'int', 0, 'int', $functionAddress[0], 'ptr', 0, 'int', 0, 'int', 0)
; --- wait till the thread did his job ---
Do
$result = DllCall('kernel32.dll', 'int', 'WaitForSingleObject', 'int', $hRemoteThread[0], 'int', 50)
Until $result[0] <> 258
; --- close everything we've opened ---
DllCall($kernel32, 'int', 'CloseHandle', 'int', $hRemoteThread[0])
DllCall($kernel32, 'ptr', 'VirtualFreeEx', 'hwnd', $mid, 'int', $functionAddress[0], 'int', 0, 'int', 0x8000)
DllCall($kernel32, 'ptr', 'VirtualFreeEx', 'hwnd', $mid, 'int', $packetAddress[0], 'int', 0, 'int', 0x8000)
Return True
EndFunc
Is what my sendpacket function would prolly look like (using his function as example.) Writing opcodes is just basically converting it to machine code first, then storing it in memory and having a remote thread access it. It works the same in all programming languages :)