diff --git a/plugins/dbms/mssqlserver/syntax.py b/plugins/dbms/mssqlserver/syntax.py
index d079c0a32..3cafc5154 100644
--- a/plugins/dbms/mssqlserver/syntax.py
+++ b/plugins/dbms/mssqlserver/syntax.py
@@ -8,6 +8,7 @@ See the file 'doc/COPYING' for copying permission
 """
 
 from lib.core.exception import sqlmapSyntaxException
+
 from plugins.generic.syntax import Syntax as GenericSyntax
 
 class Syntax(GenericSyntax):
@@ -30,7 +31,6 @@ class Syntax(GenericSyntax):
 
                 lastIndex = firstIndex + index
                 old = "'%s'" % expression[firstIndex:lastIndex]
-                #unescaped = "("
                 unescaped = ""
 
                 for i in xrange(firstIndex, lastIndex):
diff --git a/plugins/dbms/sybase/syntax.py b/plugins/dbms/sybase/syntax.py
index 694fe3eef..6b00f868c 100644
--- a/plugins/dbms/sybase/syntax.py
+++ b/plugins/dbms/sybase/syntax.py
@@ -31,11 +31,10 @@ class Syntax(GenericSyntax):
 
                 lastIndex = firstIndex + index
                 old = "'%s'" % expression[firstIndex:lastIndex]
-                #unescaped = "("
                 unescaped = ""
 
                 for i in xrange(firstIndex, lastIndex):
-                    unescaped += "CHAR(%d)" % (ord(expression[i]))
+                    unescaped += "%s(%d)" % ("CHAR" if ord(expression[i]) < 256 else "TO_UNICHAR", ord(expression[i]))
                     if i < lastIndex - 1:
                         unescaped += "+"