lankhulani za zida zothandiza kwa pentesters. M'nkhani yatsopanoyi tiwona zida zowunikira chitetezo cha mapulogalamu a pa intaneti.
Mnzathu Ndachita kale chonchi pafupifupi zaka zisanu ndi ziwiri zapitazo. Ndizosangalatsa kuwona kuti ndi zida ziti zomwe zasunga ndikulimbitsa malo awo, ndi zomwe zidazimiririka kumbuyo ndipo sizikugwiritsidwa ntchito kawirikawiri.
Zindikirani kuti izi zikuphatikizanso Burp Suite, koma padzakhala buku lapadera la izi ndi mapulagini ake othandiza.
Zamkatimu:
Kuchuluka
- chida cha Go posaka ndikuwerengera ma subdomain a DNS ndikujambula maukonde akunja. Amass ndi pulojekiti ya OWASP yopangidwa kuti iwonetse momwe mabungwe pa intaneti amawonekera kwa anthu akunja. Amass amapeza mayina a subdomain m'njira zosiyanasiyana; chidacho chimagwiritsa ntchito kubwereza kobwerezabwereza kwa ma subdomain ndi kusaka kotsegula.
Kuti mupeze magawo olumikizana ndi netiweki ndi manambala odziyimira pawokha, Amass amagwiritsa ntchito ma adilesi a IP omwe amapezeka panthawi yogwira ntchito. Zonse zomwe zapezeka zimagwiritsidwa ntchito kupanga mapu a netiweki.
Zotsatira:
- Njira zosonkhanitsira zidziwitso ndi izi:
* DNS - kusaka kwa mtanthauzira mawu a subdomains, bruteforce subdomains, kusaka mwanzeru pogwiritsa ntchito masinthidwe otengera ma subdomain omwe apezeka, sinthani mafunso a DNS ndikufufuza ma seva a DNS komwe ndikotheka kuyitanitsa zone (AXFR);* Kusaka kotsegula - Funsani, Baidu, Bing, CommonCrawl, DNSDB, DNSDumpster, DNSTable, Dogpile, Exalead, FindSubdomains, Google, IPv4Info, Netcraft, PTRArchive, Riddler, SiteDossier, ThreatCrowd, VirusTotal, Yahoo;
* Sakani nkhokwe za satifiketi ya TLS - Censys, CertDB, CertSpotter, Crtsh, Entrust;
* Kugwiritsa ntchito injini zosakira APIs - BinaryEdge, BufferOver, CIRCL, HackerTarget, PassiveTotal, Robtex, SecurityTrails, Shodan, Twitter, Umbrella, URLScan;
* Sakani zolemba zakale zapaintaneti: ArchiveIt, ArchiveToday, Arquivo, LoCArchive, OpenUKArchive, UKGovArchive, Wayback;
- Kuphatikizana ndi Maltego;
- Imapereka chithunzithunzi chokwanira kwambiri cha ntchito yosaka ma DNS subdomains.
Wotsatsa:
- Samalani ndi amass.netdomains - idzayesa kulumikizana ndi ma adilesi onse a IP omwe ali pamalo omwe adziwika ndikupeza mayina amadomeni kuchokera pakuwunika kwa DNS ndi ziphaso za TLS. Iyi ndi njira "yapamwamba", imatha kuwulula zochita zanu zanzeru m'gulu lomwe likufufuzidwa.
- Kugwiritsa ntchito kwambiri kukumbukira, kumatha kudya mpaka 2 GB ya RAM m'malo osiyanasiyana, zomwe sizingakupatseni kugwiritsa ntchito chida ichi mumtambo pa VDS yotsika mtengo.
Altdns
- chida cha Python cholemba mabuku otanthauzira mawu owerengera ma DNS subdomains. Imakulolani kuti mupange mitundu yambiri yama subdomain pogwiritsa ntchito masinthidwe ndi zilolezo. Pachifukwa ichi, mawu omwe amapezeka nthawi zambiri m'magawo ang'onoang'ono amagwiritsidwa ntchito (mwachitsanzo: kuyesa, dev, staging), masinthidwe onse ndi zololeza zimagwiritsidwa ntchito kumagulu omwe amadziwika kale, omwe amatha kuperekedwa ku Altdns input. Zotsatira zake ndi mndandanda wamitundu yosiyanasiyana ya subdomains yomwe ingakhalepo, ndipo mndandandawu ukhoza kugwiritsidwa ntchito pambuyo pake pa DNS brute force.
Zotsatira:
- Zimagwira ntchito bwino ndi ma data akuluakulu.
aquatone
- idadziwika bwino ngati chida china chofufuzira ma subdomains, koma wolemba mwiniyo adasiya izi m'malo mwa Amass omwe tawatchulawa. Tsopano aquatone yalembedwanso mu Go ndipo ikukonzekera kuwunikiranso koyambirira pamasamba. Kuti muchite izi, aquatone imadutsa m'magawo omwe adatchulidwa ndikufufuza mawebusayiti pamadoko osiyanasiyana, pambuyo pake imasonkhanitsa zidziwitso zonse za tsambalo ndikujambula. Ndikoyenera kuwunikiranso mwachangu mawebusayiti, pambuyo pake mutha kusankha zomwe mukufuna kuziwukira.
Zotsatira:
- Zotsatira zake zimapanga gulu la mafayilo ndi zikwatu zomwe ndizosavuta kugwiritsa ntchito mukamagwiranso ntchito ndi zida zina:
* Lipoti la HTML lokhala ndi zowonera zosonkhanitsidwa ndi maudindo oyankha omwe ali m'magulu ofanana;* Fayilo yokhala ndi ma URL onse komwe masamba adapezeka;
* Fayilo yokhala ndi ziwerengero ndi masamba;
* Chikwatu chokhala ndi mafayilo okhala ndi mitu yakuyankha kuchokera pazomwe zapezeka;
* Foda yokhala ndi mafayilo omwe ali ndi mayankho kuchokera pazomwe zapezeka;
* Zithunzi zamawebusayiti omwe adapezeka;
- Imathandizira kugwira ntchito ndi malipoti a XML kuchokera ku Nmap ndi Masscan;
- Imagwiritsa ntchito Chrome/Chromium yopanda mutu kuti ipange zithunzi.
Wotsatsa:
- Zitha kukopa chidwi cha machitidwe ozindikira kuti akulowa, kotero pamafunika kasinthidwe.
Chithunzicho chinatengedwa pa imodzi mwa mitundu yakale ya aquatone (v0.5.0), momwe kufufuza kwa DNS subdomain kunakhazikitsidwa. Mabaibulo akale angapezeke pa .
Masauti
ndi chida china chopezera ma DNS subdomains. Kusiyana kwake kwakukulu ndikuti imapangitsa mafunso a DNS mwachindunji kwa osintha osiyanasiyana a DNS ndipo amatero mwachangu kwambiri.
Zotsatira:
- Mwamsanga - wokhoza kuthetsa mayina oposa 350 zikwi pamphindi.
Wotsatsa:
- MassDNS ikhoza kubweretsa katundu wambiri pa zosintha za DNS zomwe zikugwiritsidwa ntchito, zomwe zingayambitse kuletsa ma seva kapena madandaulo kwa ISP yanu. Kuphatikiza apo, idzayika katundu wambiri pa ma seva a DNS a kampaniyo, ngati ali nawo komanso ngati ali ndi udindo pamadera omwe mukuyesera kuthetsa.
- Mndandanda wa otsimikiza ndi wachikale, koma ngati mutasankha zosintha za DNS zosweka ndikuwonjezera zatsopano, zonse zikhala bwino.
Chithunzi cha aquatone v0.5.0
nsec3map
ndi chida cha Python chopezera mndandanda wathunthu wa madera otetezedwa ndi DNSSEC.
Zotsatira:
- Imazindikira mwachangu omwe ali m'magawo a DNS okhala ndi mafunso ochepa ngati thandizo la DNSSEC layatsidwa m'derali;
- Mulinso pulogalamu yowonjezera ya John the Ripper yomwe ingagwiritsidwe ntchito kusokoneza NSEC3 hashes.
Wotsatsa:
- Zolakwika zambiri za DNS sizimayendetsedwa bwino;
- Palibe kufananiza kodziwikiratu pakukonza ma NSEC - muyenera kugawa malowa pamanja;
- Kugwiritsa ntchito kwambiri kukumbukira.
Acunetix
- makina osakira osatetezeka a pa intaneti omwe amangoyang'ana chitetezo cha mapulogalamu a pa intaneti. Imayesa kugwiritsa ntchito jakisoni wa SQL, XSS, XXE, SSRF ndi zovuta zina zambiri pa intaneti. Komabe, monga sikena ina iliyonse, zovuta zosiyanasiyana zapaintaneti sizilowa m'malo mwa pentester, chifukwa sizipeza zovuta kapena zofooka mumalingaliro. Koma imakhudza zofooka zambiri zosiyanasiyana, kuphatikiza ma CVE osiyanasiyana, omwe pentester mwina adayiwala, kotero ndikosavuta kukumasulani kumacheke wamba.
Zotsatira:
- Mlingo wotsika wa zabwino zabodza;
- Zotsatira zitha kutumizidwa kunja ngati malipoti;
- Amachita macheke ambiri pazovuta zosiyanasiyana;
- Kusanthula kofananira kwa makamu angapo.
Wotsatsa:
- Palibe deduplication aligorivimu (Acunetix idzawona masamba omwe ali ofanana mu magwiridwe antchito kukhala osiyana, popeza amatsogolera ku ma URL osiyanasiyana), koma opanga akugwira ntchito;
- Imafunika kuyika pa seva yosiyana, yomwe imasokoneza makina oyesa makasitomala ndi kulumikizana kwa VPN ndikugwiritsa ntchito scanner pagawo lakutali la netiweki yamakasitomala akomweko;
- Ntchito yomwe ikuphunziridwa ikhoza kupanga phokoso, mwachitsanzo, potumiza ma vector ochuluka kwambiri pa fomu yolumikizirana nawo patsamba, motero zimasokoneza kwambiri mabizinesi;
- Ndi eni ake, motero, si yankho laulere.
Kafukufuku
- chida cha Python chowongolera mokakamiza komanso mafayilo pamawebusayiti.
Zotsatira:
- Mutha kusiyanitsa masamba enieni a "200 OK" kuchokera kumasamba "200 OK", koma ndi mawu akuti "tsamba silinapezeke";
- Imabwera ndi dikishonale yothandiza yomwe ili ndi malire abwino pakati pa kukula ndi kusaka bwino. Muli njira wamba zofala CMS ambiri ndi luso stacks;
- Kapangidwe kake ka mtanthauzira mawu, komwe kumakupatsani mwayi wokwaniritsa bwino komanso kusinthasintha pakuwerengera mafayilo ndi maupangiri;
- Kutulutsa kosavuta - mawu osavuta, JSON;
- Ikhoza kuchita throttling - kupuma pakati pa zopempha, zomwe ziri zofunika pa ntchito iliyonse yofooka.
Wotsatsa:
- Zowonjezera ziyenera kuperekedwa ngati chingwe, chomwe chimakhala chovuta ngati mukufuna kudutsa zowonjezera zambiri nthawi imodzi;
- Kuti mugwiritse ntchito dikishonale yanu, ifunika kusinthidwa pang'ono kukhala mtundu wa mtanthauzira mawu wa Dirsearch kuti mugwire bwino ntchito.
uwu
- Python web application fuzzer. Mwinamwake m'modzi mwa odziwika kwambiri pa intaneti. Mfundo yake ndi yosavuta: wfuzz imakulolani kuti mutenge malo aliwonse mu pempho la HTTP, zomwe zimapangitsa kuti pakhale magawo a GET / POST, mitu ya HTTP, kuphatikizapo Cookie ndi mitu ina yovomerezeka. Nthawi yomweyo, ndi yabwino kwa osavuta brute mphamvu akalozera ndi owona, amene mufunika mtanthauzira wabwino. Ilinso ndi mawonekedwe a fyuluta osinthika, omwe mungathe kusefa mayankho kuchokera pa webusaitiyi molingana ndi magawo osiyanasiyana, omwe amakulolani kuti mukwaniritse zotsatira zabwino.
Zotsatira:
- Multifunctional - kapangidwe modular, msonkhano umatenga mphindi zochepa;
- Makina osefa osavuta komanso ophatikizira;
- Mutha kuyika njira iliyonse ya HTTP, komanso malo aliwonse pazopempha za HTTP.
Wotsatsa:
- Pansi pa chitukuko.
mfuu
- fuzzer yapaintaneti ku Go, yopangidwa mu "chifaniziro ndi mawonekedwe" a wfuzz, imakupatsani mwayi kuti muwononge mafayilo, maulalo, njira za URL, mayina ndi mayendedwe a GET / POST magawo, mitu ya HTTP, kuphatikiza mutu wa Host for brute force wa makamu pafupifupi. wfuzz imasiyana ndi mchimwene wake pa liwiro lapamwamba komanso zina zatsopano, mwachitsanzo, imathandizira madikishonale amitundu ya Dirsearch.
Zotsatira:
- Zosefera ndizofanana ndi zosefera za wfuzz, zimakulolani kuti musinthe mphamvu zankhanza;
- Imakulolani kuti mufufuze zamutu wa HTTP, zopempha za POST ndi magawo osiyanasiyana a ulalo, kuphatikiza mayina ndi mayendedwe a GET;
- Mutha kufotokoza njira iliyonse ya HTTP.
Wotsatsa:
- Pansi pa chitukuko.
gobuster
- Chida cha Go chowunikiranso, chili ndi njira ziwiri zogwirira ntchito. Yoyamba imagwiritsidwa ntchito kuchitira nkhanza mafayilo ndi zolemba patsamba, yachiwiri imagwiritsidwa ntchito kukakamiza ma subdomain a DNS. Chidachi sichikuthandizira kubwereza mobwerezabwereza kwa mafayilo ndi zolemba, zomwe, ndithudi, zimapulumutsa nthawi, koma kumbali ina, mphamvu yowonongeka ya mapeto atsopano pa webusaitiyi iyenera kukhazikitsidwa mosiyana.
Zotsatira:
- Kuthamanga kwambiri kwa ntchito posakasaka mwamphamvu kwa ma DNS subdomains komanso mafayilo amawu ndi maupangiri.
Wotsatsa:
- Mtundu wapano sugwirizana ndi kuyika mitu ya HTTP;
- Mwachikhazikitso, ma code ena a HTTP okha (200,204,301,302,307) amaonedwa kuti ndi ovomerezeka.
Arjun
- chida champhamvu chankhanza zobisika za HTTP magawo mu GET/POST magawo, komanso mu JSON. Mtanthauzira mawu womangidwamo uli ndi mawu 25, omwe Ajrun amawunika pafupifupi masekondi 980. Chinyengo ndichakuti Ajrun sayang'ana gawo lililonse padera, koma amayang'ana ~ magawo 30 nthawi imodzi ndikuwona ngati yankho lasintha. Ngati yankho lasintha, limagawa magawo a 1000 kukhala magawo awiri ndikuwunika kuti ndi ziti zomwe zimakhudza yankho. Choncho, pogwiritsa ntchito kufufuza kosavuta kwa binary, chizindikiro kapena magawo angapo obisika amapezeka omwe adakhudza yankho ndipo, motero, akhoza kukhalapo.
Zotsatira:
- Kuthamanga kwakukulu chifukwa chakusaka kwa binary;
- Thandizo la magawo a GET / POST, komanso magawo mu mawonekedwe a JSON;
Pulogalamu yowonjezera ya Burp Suite imagwira ntchito mofananamo - , yomwe ilinso yabwino kwambiri pakupeza magawo obisika a HTTP. Tikuwuzani zambiri za izi m'nkhani yomwe ikubwera yokhudza Burp ndi mapulagini ake.
LinkFinder
- Cholemba cha Python posaka maulalo mumafayilo a JavaScript. Ndizothandiza kupeza mathero/ma URL obisika kapena oiwalika mu pulogalamu yapaintaneti.
Zotsatira:
- Fast;
- Pali pulogalamu yowonjezera ya Chrome yozikidwa pa LinkFinder.
.
Wotsatsa:
- Kumaliza komaliza kosokoneza;
- Sasanthula JavaScript pakapita nthawi;
- Lingaliro losavuta posaka maulalo - ngati JavaScript ndiyobisika mwanjira ina, kapena maulalowo akusowa ndipo amapangidwa mwamphamvu, ndiye kuti sangathe kupeza chilichonse.
JSParser
ndi Python script yomwe imagwiritsa ntchito ΠΈ kuti musanthule ma URL achibale kuchokera kumafayilo a JavaScript. Zothandiza kwambiri pozindikira zopempha za AJAX ndikulemba mndandanda wa njira za API zomwe pulogalamuyo imalumikizana nayo. Imagwira bwino ntchito limodzi ndi LinkFinder.
Zotsatira:
- Kusanthula mwachangu mafayilo a JavaScript.
sqlmap
mwina ndi chimodzi mwa zida zodziwika bwino zowunikira mawebusayiti. Sqlmap imagwiritsa ntchito kusaka ndi kugwiritsa ntchito jakisoni wa SQL, imagwira ntchito ndi zilankhulo zingapo za SQL, ndipo ili ndi njira zingapo zosiyanasiyana pagulu lake lankhondo, kuyambira mawu olunjika mpaka ma vector ovuta a jakisoni wa SQL wokhazikika. Kuonjezera apo, ili ndi njira zambiri zogwiritsira ntchito ma DBMS osiyanasiyana, kotero ndizothandiza osati ngati scanner ya jakisoni wa SQL, komanso ngati chida champhamvu chogwiritsira ntchito majekeseni a SQL omwe amapezeka kale.
Zotsatira:
- Chiwerengero chachikulu cha njira zosiyanasiyana ndi ma vector;
- Chiwerengero chochepa cha zizindikiro zabodza;
- Zosankha zambiri zokongoletsedwa bwino, njira zosiyanasiyana, nkhokwe ya chandamale, zolembera zodutsira WAF;
- Kutha kupanga dambo lotulutsa;
- Maluso osiyanasiyana ogwirira ntchito, mwachitsanzo, pamasamba ena - kutsitsa / kutsitsa mafayilo, kupeza kuthekera kochita malamulo (RCE) ndi ena;
- Thandizo lolumikizana mwachindunji ndi database pogwiritsa ntchito zomwe zapezeka pakuwukira;
- Mutha kutumiza fayilo yokhala ndi zotsatira za Burp ngati zolowetsa - palibe chifukwa cholembera pamanja mizere yonse yamalamulo.
Wotsatsa:
- Ndizovuta kusintha, mwachitsanzo, kulemba macheke anu ena chifukwa chosowa zolemba za izi;
- Popanda makonda oyenerera, imapanga macheke osakwanira, omwe angakhale osocheretsa.
NoSQLMap
- chida cha Python chosinthira kusaka ndi kugwiritsa ntchito jakisoni wa NoSQL. Ndizosavuta kugwiritsa ntchito osati muzosungira za NoSQL zokha, komanso mwachindunji mukawunika mawebusayiti omwe amagwiritsa ntchito NoSQL.
Zotsatira:
- Monga sqlmap, sichimangopeza chiwopsezo chotheka, komanso imayang'ananso kuthekera kwakugwiritsa ntchito MongoDB ndi CouchDB.
Wotsatsa:
- Sichithandizira NoSQL ya Redis, Cassandra, chitukuko chikuchitika motere.
oxml_xx
- chida chophatikizira XXE XML imagwiritsa ntchito mafayilo osiyanasiyana omwe amagwiritsa ntchito mtundu wa XML mwanjira ina.
Zotsatira:
- Imathandizira mawonekedwe ambiri wamba monga DOCX, ODT, SVG, XML.
Wotsatsa:
- Kuthandizira kwa PDF, JPEG, GIF sikukwaniritsidwa;
- Amapanga fayilo imodzi yokha. Kuti muthane ndi vutoli mutha kugwiritsa ntchito chida , zomwe zimatha kupanga mafayilo ambiri olipira m'malo osiyanasiyana.
Zida zomwe zili pamwambapa zimagwira ntchito yabwino kuyesa XXE potsitsa zolemba zomwe zili ndi XML. Koma kumbukiraninso kuti opanga mawonekedwe a XML atha kupezeka nthawi zina zambiri, mwachitsanzo, XML itha kugwiritsidwa ntchito ngati mtundu wa data m'malo mwa JSON.
Chifukwa chake, tikupangira kuti musamalire zosungira zotsatirazi, zomwe zili ndi ndalama zambiri zosiyanasiyana: .
tplmap
- chida cha Python chodziwikiratu ndikugwiritsa ntchito zovuta za Injection ya Server-Side Template; ili ndi makonda ndi mbendera zofanana ndi sqlmap. Amagwiritsa ntchito njira zingapo ndi ma vector osiyanasiyana, kuphatikiza jakisoni wakhungu, komanso ali ndi njira zopangira ma code ndi kutsitsa / kutsitsa mafayilo osasintha. Kuphatikiza apo, ali ndi zida zake zankhondo zama injini khumi ndi awiri osiyanasiyana a template ndi njira zina zofufuzira jakisoni wa eval()-monga code mu Python, Ruby, PHP, JavaScript. Ngati zikuyenda bwino, zimatsegula cholumikizira cholumikizirana.
Zotsatira:
- Chiwerengero chachikulu cha njira zosiyanasiyana ndi ma vector;
- Imathandizira injini zambiri zoperekera ma template;
- Njira zambiri zogwirira ntchito.
Mtengo wa CeWL
- jenereta wa mtanthauzira mawu mu Ruby, wopangidwa kuti atulutse mawu apadera patsamba linalake, amatsata maulalo patsambalo mpaka kuzama komwe kunanenedwa. Mtanthauzira mawu wophatikizidwa wa mawu apadera pambuyo pake atha kugwiritsidwa ntchito kukakamiza mawu achinsinsi pa mautumiki kapena mafayilo amawu ndi zolemba patsamba lomwelo, kapena kuukira ma hashcat kapena John the Ripper. Zothandiza polemba "chandandanda" mndandanda wa mawu achinsinsi omwe angathe.
Zotsatira:
- Yosavuta kugwiritsa ntchito.
Wotsatsa:
- Muyenera kusamala ndikuzama kwakusaka kuti musagwire domain yowonjezera.
Weakpass
- ntchito yomwe ili ndi otanthauzira ambiri okhala ndi mawu achinsinsi apadera. Zothandiza kwambiri pazantchito zosiyanasiyana zokhudzana ndi kusokoneza mawu achinsinsi, kuyambira kuphatikizira kosavuta kwaakaunti pa intaneti pazomwe mukufuna, mpaka kuphatikizika kwamphamvu kwamahashi omwe alandilidwa pogwiritsa ntchito intaneti. kapena . Ili ndi mawu achinsinsi pafupifupi 8 biliyoni kuyambira zilembo 4 mpaka 25 m'litali.
Zotsatira:
- Muli ndi mawu otanthauzira enieni komanso otanthauzira mawu omwe ali ndi mawu achinsinsi odziwika - mutha kusankha dikishonale yapadera pazofuna zanu;
- Madikishonale amasinthidwa ndikuwonjezeredwa ndi mawu achinsinsi atsopano;
- Madikishonale amasanjidwa mwaluso. Mutha kusankha njira yophatikizira mwachangu pa intaneti ndikusankha mwatsatanetsatane mawu achinsinsi kuchokera mudikishonale ya voluminous yokhala ndi kutayikira kwaposachedwa;
- Pali chowerengera chomwe chikuwonetsa nthawi yomwe imatenga kuti muwononge mawu achinsinsi pazida zanu.
Tikufuna kuphatikiza zida zamacheke a CMS mugulu linalake: WPScan, JoomScan ndi AEM hacker.
AEM_hacker
ndi chida chodziwira zofooka mu mapulogalamu a Adobe Experience Manager (AEM).
Zotsatira:
- Itha kuzindikira mapulogalamu a AEM pamndandanda wa ma URL omwe atumizidwa ku zomwe alemba;
- Lili ndi zolemba zopezera RCE pokweza chipolopolo cha JSP kapena kugwiritsa ntchito SSRF.
JoomScan
- chida cha Perl chodziwikiratu zowopsa potumiza Joomla CMS.
Zotsatira:
- Kutha kupeza zolakwika za kasinthidwe ndi mavuto ndi zoikamo zoyang'anira;
- Imalemba zolemba za Joomla ndi zovuta zomwe zimagwirizanitsidwa nazo, mofanana ndi zigawo zake;
- Lili ndi zochitika zoposa 1000 za zigawo za Joomla;
- Kutulutsa kwa malipoti omaliza m'mawu ndi ma HTML.
WPScan
- chida chosanthula masamba a WordPress, ili ndi zofooka mu zida zake zonse za injini ya WordPress yokha komanso mapulagini ena.
Zotsatira:
- Wokhoza kulembetsa osati mapulagini osatetezeka a WordPress ndi mitu, komanso kupeza mndandanda wa ogwiritsa ntchito ndi mafayilo a TimThumb;
- Itha kuchita ziwopsezo zankhanza pamasamba a WordPress.
Wotsatsa:
- Popanda makonda oyenerera, imapanga macheke osakwanira, omwe angakhale osocheretsa.
Nthawi zambiri, anthu osiyanasiyana amakonda zida zosiyanasiyana zogwirira ntchito: zonse ndi zabwino mwanjira yawoyawo, ndipo zomwe munthu amakonda sizingafanane ndi mnzake. Ngati mukuganiza kuti tanyalanyaza mopanda chilungamo zofunikira zina, lembani za izi mu ndemanga!
Source: www.habr.com