Added "Snowflake" DBMS support (#5980)

* Added SQL queries for 'Snowflake' DBMS * Added necessary constants for the 'Snowflake' DBMS * Added the 'Snowflake' DBMS to existing conditional which adds dynamic values to hardcoded statements (queries.xml) * Added plugin logic for the 'Snowflake' DBMS * Modified 'dbs' query to include 'ORDER BY' * Moved 'LIMIT' to appear before 'OFFSET'
2026-01-14 18:39:05 +00:00 · 2026-01-12 05:59:00 -05:00
parent e9a9d90837
commit 279a9b3314
14 changed files with 380 additions and 4 deletions
--- a/plugins/dbms/snowflake/syntax.py
+++ b/plugins/dbms/snowflake/syntax.py
@@ -0,0 +1,23 @@
+#!/usr/bin/env python
+
+"""
+Copyright (c) 2006-2025 sqlmap developers (https://sqlmap.org)
+See the file 'LICENSE' for copying permission
+"""
+
+from lib.core.convert import getOrds
+from plugins.generic.syntax import Syntax as GenericSyntax
+
+class Syntax(GenericSyntax):
+    @staticmethod
+    def escape(expression, quote=True):
+        """
+        >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar") == "SELECT CHR(97)||CHR(98)||CHR(99)||CHR(100)||CHR(101)||CHR(102)||CHR(103)||CHR(104) FROM foobar"
+        True
+        """
+
+        def escaper(value):
+            # Convert each character to its ASCII code and wrap with CHR()
+            return "||".join(f"CHR({ord(c)})" for c in value)
+
+        return Syntax._escape(expression, quote, escaper)