On this page
apsyleg1 min read
#hex #encoding #sql-injection #load-file #tools
ASCII / HEX Converter
Converts a string to its hexadecimal representation with the 0x prefix — the format used by MySQL/MariaDB functions like LOAD_FILE().
Why
Some SQL injection scenarios require passing file paths or strings as HEX literals to bypass filters or avoid quote escaping:
SELECT LOAD_FILE(0x2F6574632F706173737764)
This is equivalent to:
SELECT LOAD_FILE('/etc/passwd')
HEX encoding avoids single quotes entirely, which helps when:
- Quotes are filtered or escaped
- WAF blocks string literals
- You need to pass binary data