June 1st, 2006, 03:41 PM
#1
I don't know, I set up that program with a really obvious bug to read 512 bytes into a 256 byte buffer, but I can't see how Windows would detect that at runtime, except if there were like internal things called inside recv and then like a cmp ESP, EBP check failed. That kind of explains it for myself, but like, it's really confusing, because it worked sometimes.
The shellcode definitely was run like 4 or 5 times, all of them right after a new compilation of the vulnerable program, and then I would try again to see if I could get it to repeat that behavior, and it would fail. I might want to run the exploit more than once if I was trying to hammer out the length of my exploit buffer and placement of the RET or something.