You're kind of right I think. I'm going to attempt to explain it but I may be way off. The way I see it is, you have a buffer, and whatever is put into that buffer is unchecked which is what allows you to do a buffer overflow to begin with. When you overflow the buffer, you're basically overwriting memory. What you try and do, I believe, is overwrite memory that you know will be executed later, and you overwrite it with code that you want executed. In this example it overwrites it with code that will bind a system shell to a port you specify. I could be way off but that's how I understand it. The down and dirty way is to just crash it like ZM77 said, but you can manipulate it to get it to do things you want it to.