hsql plugin folder

2025-12-06 20:51:31 +00:00 · 2013-06-24 14:34:25 +01:00
parent a53823f9b7
commit d739d5062d
5 changed files with 342 additions and 0 deletions
--- a/plugins/dbms/hsql/syntax.py
+++ b/plugins/dbms/hsql/syntax.py
@@ -0,0 +1,33 @@
+#!/usr/bin/env python
+
+"""
+Copyright (c) 2006-2013 sqlmap developers (http://sqlmap.org/)
+See the file 'doc/COPYING' for copying permission
+"""
+
+import binascii
+
+from lib.core.convert import utf8encode
+from plugins.generic.syntax import Syntax as GenericSyntax
+
+class Syntax(GenericSyntax):
+    def __init__(self):
+        GenericSyntax.__init__(self)
+
+    @staticmethod
+    def escape(expression, quote=True):
+        """
+        TODO: Unsure of a method to escape. Perhaps RAWTOHEX/HEXTORAW functions?
+        >>> Syntax.escape("SELECT 'abcdefgh' FROM foobar")
+        'SELECT 'abcdefgh' FROM foobar'
+        """
+
+        def escaper(value):
+            retVal = None
+            try:
+                retVal = "'%s'" % value
+            except UnicodeEncodeError:
+                retVal = "CONVERT(0x%s USING utf8)" % "".join("%.2x" % ord(_) for _ in utf8encode(value))
+            return retVal
+
+        return Syntax._escape(expression, quote, escaper)