Merged back from personal branch to trunk (svn merge -r846:940 ...)

Changes:
* Major enhancement to the Microsoft SQL Server stored procedure
heap-based buffer overflow exploit (--os-bof) to automatically bypass
DEP memory protection.
* Added support for MySQL and PostgreSQL to execute Metasploit shellcode
via UDF 'sys_bineval' (in-memory, anti-forensics technique) as an
option instead of uploading the standalone payload stager executable.
* Added options for MySQL, PostgreSQL and Microsoft SQL Server to
read/add/delete Windows registry keys.
* Added options for MySQL and PostgreSQL to inject custom user-defined
functions.
* Added support for --first and --last so the user now has even more
granularity in what to enumerate in the query output.
* Minor enhancement to save the session by default in
'output/hostname/session' file if -s option is not specified.
* Minor improvement to automatically remove sqlmap created temporary
files from the DBMS underlying file system.
* Minor bugs fixed.
* Major code refactoring.

lib/controller/action.py

@@ -125,6 +125,10 @@ def action():
     if conf.sqlShell:
         conf.dbmsHandler.sqlShell()
 
+    # User-defined function options
+    if conf.udfInject:
+        conf.dbmsHandler.udfInjectCustom()
+
     # File system options
     if conf.rFile:
         dumper.string("%s file saved to" % conf.rFile, conf.dbmsHandler.readFile(conf.rFile), sort=False)
@@ -148,6 +152,16 @@ def action():
     if conf.osBof:
         conf.dbmsHandler.osBof()
 
+    # Windows registry options
+    if conf.regRead:
+        dumper.string("Registry key value data", conf.dbmsHandler.regRead())
+
+    if conf.regAdd:
+        conf.dbmsHandler.regAdd()
+
+    if conf.regDel:
+        conf.dbmsHandler.regDel()
+
     # Miscellaneous options
     if conf.cleanup:
         conf.dbmsHandler.cleanup()