I was in the same place as you for a long time. I would look at the shellcode and be like, how the heck did they come up with that? In the past few weeks I've been messing with it and made some progress. If you're looking into being able to write exploits though, you really don't need to be able to make the hex strings, there are lots of programs out there to do it for you, and also you can just use shellcode that someone else already came up with. But you're probably like me and don't care if it's available, you just want to know how to do it. If you need any help feel free to pm me. Also, the book gothic_type mentioned is a lot like aleph1's article about buffer overflows and the stack. Both give a way to make the shellcode using gdb on a program you write in C with inline assembly. Just search for "Smashing the stack for fun and profit", the part about using gdb to get the hex values is about halfway through. Good luck.