Well, you need to understand what smashing the stack really accomplishes. It basically smashes a lot of values and overwrites a particular address which is basically the address of the return pointer on the stack ($ebp + 4
). You are definitely trying to smash the stack but there is tons of stuff you have to do in order to understand exactly what address you need to override with another address that points to your shellcode.
http://www.phrack.com/issues.html?issue=49&id=14
Currently you don't have the working of either of those two things.
You should use gdb or may another tool to go through the assembly code of the actual vulnerable code and see the return address. Based on that, you try to smash the stack using the command line.
Then you run your exploit code without smashing the stack. Try to capture the actual return address which you should be pointing to the place where you plant your shellcode.
You should follow the reading on phrack to actually understand the concept of smashing the stack. Hope that helps!