I've read several books now on hacking- I am A+, CCNA, MCP, & Webmaster Cert. but I
never learned anything of hacking- now I'm interested in this area since I feel secure,
in general, with computers.

I sometimes tend to analyze too much and blind myself to "obvious" answers and solutions.

QUESTION: Where to input/deliver the overflow exploit (egg, PERL code, etc.) ?? I can code, compile, chmod to change permissions, and I understand PERL, I JUST DON'T KNOW WHERE TO PUT THE CODE!!

I know you can cause overflows (& spawn shells) with URL input (like the old phf exploit) , through form text entries on web pages, etc. but, say you telnet to a web server:
>telnet 10.2.40.5 80

and you've telnetted from within a shell on a Linux box at home, and connect to port 80, can you put/run exploit code [perl, C prog (egg), etc.] here, within YOUR shell, on YOUR Linux box or do you need a shell account from THAT ISP, to input the perl code, egg, etc. to try and
spawn a root shell or do some other wak thing ? (or, of course, if you can spawn a regular user shell some other way (URL input, Form input, etc.) you can then run some exploit code within that shell, and try for root. Alos, does the phrase "Shell Code" have different meanings?

BOTTOM LINE: BUFFER OVERFLOWS: WHERE TO RUN THE EXPLOIT ???????????

THANKS, Jim