github-starred/frp
2
0
Fork 0
mirror of https://github.com/fatedier/frp.git synced 2026-05-15 08:05:49 -06:00
Code Issues 40 Projects Packages Wiki Activity Actions 1

[GH-ISSUE #2003] Frpc will be killed in windows 10 2004 #1592

New issue
Closed
opened 2026-05-05 13:00:49 -06:00 by gitea-mirror · 8 comments
gitea-mirror commented 2026-05-05 13:00:49 -06:00
Owner
Copy link

Originally created by @minskiter on GitHub (Sep 22, 2020).
Original GitHub issue: https://github.com/fatedier/frp/issues/2003

image

Originally created by @minskiter on GitHub (Sep 22, 2020). Original GitHub issue: https://github.com/fatedier/frp/issues/2003 ![image](https://user-images.githubusercontent.com/23184022/93890307-cb4db300-fd1c-11ea-99bb-ac2a4ddd174e.png)
gitea-mirror 2026-05-05 13:00:49 -06:00
  • closed this issue
  • added the
    duplicate
         label
gitea-mirror commented 2026-05-05 13:00:52 -06:00
Author
Owner
Copy link

@limaofu commented on GitHub (Sep 23, 2020):

Holy win 10 shit

<!-- gh-comment-id:697061241 --> @limaofu commented on GitHub (Sep 23, 2020): Holy win 10 shit
gitea-mirror commented 2026-05-05 13:00:53 -06:00
Author
Owner
Copy link

@blizard863 commented on GitHub (Sep 23, 2020):

https://github.com/fatedier/frp/issues/1989

<!-- gh-comment-id:697078220 --> @blizard863 commented on GitHub (Sep 23, 2020): https://github.com/fatedier/frp/issues/1989
gitea-mirror commented 2026-05-05 13:00:54 -06:00
Author
Owner
Copy link

@blizard863 commented on GitHub (Sep 23, 2020):

try to close the firewall.

<!-- gh-comment-id:697078604 --> @blizard863 commented on GitHub (Sep 23, 2020): try to close the firewall.
gitea-mirror commented 2026-05-05 13:00:55 -06:00
Author
Owner
Copy link

@minskiter commented on GitHub (Sep 23, 2020):

https://s.tencent.com/research/report/1060.html

<!-- gh-comment-id:697108258 --> @minskiter commented on GitHub (Sep 23, 2020): https://s.tencent.com/research/report/1060.html
gitea-mirror commented 2026-05-05 13:00:56 -06:00
Author
Owner
Copy link

@fatedier commented on GitHub (Sep 23, 2020):

腾讯安全威胁情报中心检测到针对MSSQL服务器攻击的挖矿木马,该挖矿木马主要针对MS SQL服务进行爆破弱口令攻击,爆破成功后会植入门罗币挖矿木马进行挖矿。同时攻击者下载frpc内网穿透工具安装后门,并会添加用户以方便入侵者远程登录该服务器。

你贴的新闻,翻译一下,是因为 MSSQL 弱口令,导致被攻击者植入木马,攻击者会下载 frpc 工具来做远程控制。

攻击者下载的 frpc 没有被查杀,可能是做过了加壳等其他消除特征的处理。

从 github 下载的 frpc,是原生 go 编译的二进制文件,没有做过特殊处理,如果被查杀,建议:

  1. 添加白名单。
  2. 不使用 frpc。
  3. 自己从源码编译。

是否报毒取决于 go 编译的一些行为特征,windows 平台的二进制也是在 linux 平台上交叉编译出来。这一类问题之后不会再继续回复。

<!-- gh-comment-id:697112889 --> @fatedier commented on GitHub (Sep 23, 2020): > 腾讯安全威胁情报中心检测到针对MSSQL服务器攻击的挖矿木马,该挖矿木马主要针对MS SQL服务进行爆破弱口令攻击,爆破成功后会植入门罗币挖矿木马进行挖矿。同时攻击者下载frpc内网穿透工具安装后门,并会添加用户以方便入侵者远程登录该服务器。 你贴的新闻,翻译一下,是因为 MSSQL 弱口令,导致被攻击者植入木马,攻击者会下载 frpc 工具来做远程控制。 攻击者下载的 frpc 没有被查杀,可能是做过了加壳等其他消除特征的处理。 从 github 下载的 frpc,是原生 go 编译的二进制文件,没有做过特殊处理,如果被查杀,建议: 1. 添加白名单。 2. 不使用 frpc。 3. 自己从源码编译。 是否报毒取决于 go 编译的一些行为特征,windows 平台的二进制也是在 linux 平台上交叉编译出来。这一类问题之后不会再继续回复。
gitea-mirror commented 2026-05-05 13:00:56 -06:00
Author
Owner
Copy link

@huruka commented on GitHub (Nov 9, 2020):

备注:自带防火墙(Windows 安全中心)添加白名单
病毒和威胁防护 - 管理设置 - (下滚)添加或删除排除项 - 添加排除项

<!-- gh-comment-id:724055381 --> @huruka commented on GitHub (Nov 9, 2020): 备注:自带防火墙(Windows 安全中心)添加白名单 病毒和威胁防护 - 管理设置 - (下滚)添加或删除排除项 - 添加排除项
gitea-mirror commented 2026-05-05 13:00:57 -06:00
Author
Owner
Copy link

@ckmark commented on GitHub (Dec 25, 2020):

自己编译防止被查杀的话,具体需要增加什么编译选项么?还是直接下源码来编译就行?

<!-- gh-comment-id:751146528 --> @ckmark commented on GitHub (Dec 25, 2020): 自己编译防止被查杀的话,具体需要增加什么编译选项么?还是直接下源码来编译就行?
gitea-mirror commented 2026-05-05 13:00:58 -06:00
Author
Owner
Copy link

@yzkj-tom commented on GitHub (Dec 19, 2025):

自己编译的没有问题, 从release 下载的会报毒

<!-- gh-comment-id:3673362024 --> @yzkj-tom commented on GitHub (Dec 19, 2025): 自己编译的没有问题, 从release 下载的会报毒
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
dev
new
master
copilot/review-pull-request-5198
v0.68.1
v0.68.0
v0.67.0
v0.66.0
v0.65.0
v0.64.0
v0.63.0
v0.62.1
v0.62.0
v0.61.2
v0.61.1
v0.61.0
v0.60.0
v0.59.0
v0.58.1
v0.58.0
v0.57.0
v0.56.0
v0.55.1
v0.55.0
v0.54.0
v0.53.2
v0.53.1
v0.53.0
v0.52.3
v0.52.2
v0.52.1
v0.52.0
v0.51.3
v0.51.2
v0.51.1
v0.51.0
v0.50.0
v0.49.0
v0.48.0
v0.47.0
v0.46.1
v0.46.0
v0.45.0
v0.44.0
v0.43.0
v0.42.0
v0.41.0
v0.40.0
v0.39.1
v0.39.0
v0.38.0
v0.37.1
v0.37.0
v0.36.2
v0.36.1
v0.36.0
v0.35.1
v0.35.0
v0.34.3
v0.34.2
v0.34.1
v0.34.0
v0.33.0
v0.32.1
v0.32.0
v0.31.2
v0.31.1
v0.31.0
v0.30.0
v0.29.1
v0.29.0
v0.28.2
v0.28.1
v0.28.0
v0.27.1
v0.27.0
v0.26.0
v0.25.3
v0.25.2
v0.25.1
v0.25.0
v0.24.1
v0.24.0
v0.23.3
v0.23.2
v0.23.1
v0.23.0
v0.22.0
v0.21.0
v0.20.0
v0.19.1
v0.19.0
v0.18.0
v0.17.0
v0.16.1
v0.16.0
v0.15.1
v0.15.0
v0.14.1
v0.14.0
v0.13.0
v0.12.0
v0.11.0
v0.10.0
v0.9.3
v0.9.2
v0.9.1
v0.9.0
v0.8.1
v0.8.0
v0.7.0
v0.6.0
v0.5.0
v0.3.0
v0.2.0
v0.1.0
Labels
Clear labels   
In Progress

   
WIP

   
WaitingForInfo

   
bug

   
doc

   
duplicate

   
easy

   
enhancement

   
future

   
help wanted

   
invalid

   
lifecycle/stale

   
need-issue-template

   
need-usage-help

   
no plan

   
proposal

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
todo
No labels
In Progress
WIP
WaitingForInfo
bug
doc
duplicate
easy
enhancement
future
help wanted
invalid
lifecycle/stale
need-issue-template
need-usage-help
no plan
proposal
pull-request
question
todo
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/frp#1592
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?