It sounds like you’ve set up the buffer overflow correctly, but modern OS protections like DEP or ASLR may be blocking the shellcode execution. These protections can prevent payloads from executing at predictable memory locations, which is a common challenge in pentesting. Disabling these settings temporarily in a controlled environment might help identify if they’re the issue. Courses covering these concepts, like a penetration testing best course Australia offers, can be helpful for understanding and bypassing such defenses.