Let's take a look at an insecure piece of C code. Assume that it's a part of a real piece of software that needs to perform an access check, so you can also assume that the code is more realistic in real life and doesn't just check a string entered by the user.

For x86, all we need to do is input 16 bytes to make the address of auth point to a value other than 0x0. x86-64 is a different story (more bytes are needed) but is still just as exploitable. There's another flaw with this code that makes it even easier to exploit. The conditional that checks the auth variable is not checking for a specific value, only if the value is truthy. This means that whatever value we overflow the address of auth with will satisfy that condition, thus printing "Access granted".

Now let's change the conditional to check for auth == 1 which should now make it impossible to print "Access granted". As an example, if someone now inputs 16 "h" characters (the hex value for "h" is 0x68) then the auth variable will be overflowed with 0x68. So now our conditional looks like 0x68 == 1 (or 0x686868 == 1 if we have more characters past our buffer size) which is false. How can we get around this?

By changing the conditional another attack vector has actually been opened. All someone needs to do now is make sure the 16'th byte is 0x1 which happens to be the SOH (start of heading) control character. If you're on a shell this means that you just need ^A for the 16th byte which will set the address of auth to 0x1. The conditional will then look like 0x1 == 1 which defeats our security check. Note that in this case you cannot pass more 0x1 bytes past the 16th byte, otherwise the conditional could look like 0x10101 == 1 which is false.

There are thousands of different ways to expose a buffer overflow and even more for exploiting them in creative ways. They are often used to change return addresses which can help sidestep security measures and do pretty much anything you can imagine. If you're able to inject your own code and point an address at it you can go even further like setting up a reverse shell.