How to Discover OpenClaw Hiding in Your Datacentre
A Cybersecurity team's nightmare. Here are a few ways you can detect OpenClaw lurking on your hosts.
Half of the internet is talking about how they now have a powerful personal assistant that runs on a cheap Mac Mini or a $5-a-month VPS with a shared CPU and 4 GB of RAM.
The other half is complaining about how insecure OpenClaw is.
And let's not forget the YouTubers who have single-handedly:
- Built OpenClaw in 30 seconds
- Made it 10x more powerful in 1 click
- Created 3 AI employees and so on
(All videos you can find on YouTube 😄)
Whichever side of the fence you are on, there is one thing that you cannot disagree with. It certainly is an interesting project that took the internet by storm.
So why do we care?
Right now it has 189,000 stars on GitHub, and it is estimated that there are 135,000 installed instances.
According to security researchers, 63% have their management UI exposed on a public IP address, and according to Shodan there are 8,646 instances exposed on the internet right now.
So what do we see if we apply the latest 2025 OWASP top 10 (8th edition)?
Broken Access Control remains OpenClaw's most critical issue. Hundreds of misconfigured admin interfaces are sitting wide open on the internet, and the CVE-2026-25253 exploit grants operator-level access to the gateway API, enabling arbitrary config changes and code execution.
Security Misconfiguration is OpenClaw's biggest real-world problem. Most users click through a "next, next, next, finish" setup flow without understanding what they're configuring. Older versions still being deployed allowed configuration without any authentication at all.
Software Supply Chain Failures are a big issue. The ClawHub skills registry was catastrophically compromised: Bitdefender identified almost 900 malicious skills, nearly 20% of total packages.
Cryptographic Failures are critical when the management WebUI is exposed over HTTP without device identity checks. Authentication tokens are highly vulnerable.
Injection (or Prompt Injection) via messaging apps is a core attack vector. Attackers craft messages in Discord, Telegram, or WhatsApp that cause the agent to execute unintended tool calls. Malicious skills enable silent data exfiltration.
Insecure Design is a big one. OpenClaw was architecturally designed as a hobby project prioritising convenience. The primary objective of the framework is to provide an agent with system-wide permissions like system CLI commands, file modification, and network configuration.
Let's not forget Authentication Failures. Shodan scans discovered nearly a thousand publicly accessible installations running without any authentication whatsoever. Even with authentication enabled, CVE-2026-25253 bypasses it entirely via token theft. The vulnerability is exploitable even on instances configured to listen on loopback only, since the victim's browser initiates the outbound connection.
Software or Data Integrity Failures focuses on runtime integrity. A security audit identified 512 OpenClaw vulnerabilities, eight classified as critical.
Security Logging and Alerting features are almost non-existent. Bots often run unattended and with elevated access to sensitive credentials, making silent compromises extremely difficult to detect. OpenClaw lacks robust audit logging for agent actions; autonomous tool calls, file reads, and configuration modifications happen without adequate audit trails.
Mishandling of Exceptional Conditions in OpenClaw is an issue in multiple scenarios: when the agent encounters malformed input, unexpected API responses, or rate-limiting from LLM providers. Error states can expose sensitive information like API keys and configuration details.
A Cybersecurity team's nightmare!
So what if you are concerned that you have OpenClaw servers running on your infrastructure?
Here are a few ways you can detect OpenClaw listening on your hosts.
Use OSQuery if you have it.
It's cross-platform, so there is no need to change it for different systems.
SELECT
  p.name AS process_name,
  p.pid,
  p.path AS binary_path,
  p.cmdline,
  l.port,
  l.address,
  l.protocol,
  p.start_time,
  h.sha256
FROM listening_ports l
JOIN processes p ON l.pid = p.pid
LEFT JOIN hash h ON h.path = p.path  -- the hash table requires a path constraint; the join supplies it
WHERE l.protocol = 6  -- TCP
  AND l.port = 18789  -- OpenClaw default port; an instance moved to another port will not match
  AND (
    LOWER(p.name) LIKE '%openclaw%'
    OR LOWER(p.name) LIKE '%moltbot%'
    OR LOWER(p.name) LIKE '%clawdbot%'
    OR LOWER(p.cmdline) LIKE '%openclaw%'
    OR LOWER(p.cmdline) LIKE '%moltbot%'
    OR LOWER(p.cmdline) LIKE '%clawdbot%'
    OR LOWER(p.path) LIKE '%openclaw%'
    OR LOWER(p.path) LIKE '%moltbot%'
    OR LOWER(p.path) LIKE '%clawdbot%'
  );
Here's how to do it with bash.
#!/bin/bash
# Detect OpenClaw-related processes on TCP port 18789
# Run as root: ss only reports the owning process of another user's socket with elevated privileges
PORT=18789
KEYWORDS="openclaw|moltbot|clawdbot"
echo "OpenClaw Detection - Port $PORT"
echo "================================"
echo ""
# Check for listening processes on port 18789 (this pass sees only the short process name ss prints)
echo "Listening processes on TCP port $PORT:"
ss -tlnp 2>/dev/null | grep ":$PORT " | grep -iE "$KEYWORDS"
echo ""
echo "Process details:"
# sort -u: a dual-stack listener appears once per socket, so de-duplicate the PIDs
for pid in $(ss -tlnp 2>/dev/null | grep ":$PORT " | grep -oP 'pid=\K[0-9]+' | sort -u); do
  if [ -d "/proc/$pid" ]; then
    name=$(cat "/proc/$pid/comm" 2>/dev/null)
    cmdline=$(tr '\0' ' ' < "/proc/$pid/cmdline" 2>/dev/null)
    exe=$(readlink -f "/proc/$pid/exe" 2>/dev/null)
    # Match on the short name, the full command line and the resolved binary path
    if echo "$name $cmdline $exe" | grep -qiE "$KEYWORDS"; then
      echo "PID: $pid | Name: $name"
      echo "  Command: $cmdline"
      echo "  Binary: $exe"
      [ -f "$exe" ] && echo "  SHA256: $(sha256sum "$exe" 2>/dev/null | awk '{print $1}')"
      echo ""
    fi
  fi
done
And with Windows PowerShell you might need to set your execution policy first.
Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy RemoteSigned
Here's the PowerShell for Windows.
# Detect OpenClaw-related processes on TCP port 18789
# Run from an elevated prompt: Path and CommandLine of other users' processes are empty otherwise,
# leaving only the process name for the keyword match
$Port = 18789
$Keywords = @('openclaw', 'moltbot', 'clawdbot')
$pattern = ($Keywords | ForEach-Object { [regex]::Escape($_) }) -join '|'
Write-Host "OpenClaw Detection - Port $Port" -ForegroundColor Cyan
Write-Host "================================" -ForegroundColor Cyan
Write-Host ""
# Find TCP listeners on port 18789
$listeners = Get-NetTCPConnection -State Listen -LocalPort $Port -ErrorAction SilentlyContinue |
    ForEach-Object {
        $conn = $_
        $proc = Get-Process -Id $conn.OwningProcess -ErrorAction SilentlyContinue
        $procInfo = Get-CimInstance Win32_Process -Filter "ProcessId=$($conn.OwningProcess)" -ErrorAction SilentlyContinue
        [PSCustomObject]@{
            Port        = $conn.LocalPort
            PID         = $conn.OwningProcess
            Name        = $proc.Name
            Path        = $proc.Path
            CommandLine = $procInfo.CommandLine
        }
    } |
    Where-Object {
        # -match is case-insensitive by default
        ($_.Name -match $pattern) -or
        ($_.Path -match $pattern) -or
        ($_.CommandLine -match $pattern)
    }
if ($listeners) {
    foreach ($proc in $listeners) {
        Write-Host "PID: $($proc.PID) | Name: $($proc.Name)" -ForegroundColor Yellow
        Write-Host "  Command: $($proc.CommandLine)"
        Write-Host "  Binary: $($proc.Path)"
        if ($proc.Path -and (Test-Path $proc.Path)) {
            $hash = (Get-FileHash -Path $proc.Path -Algorithm SHA256).Hash
            Write-Host "  SHA256: $hash" -ForegroundColor Gray
        }
        Write-Host ""
    }
} else {
    Write-Host "No matching processes found on port $Port" -ForegroundColor Green
}
Obviously check the code snippets before you run them 😉
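The scripts above tell you that a matching process is listening on 18789, but not whether it is bound to loopback or to every interface, which is the difference between a local tool and one of the exposed instances Shodan counts. This added example (my own code, not from the post) classifies `ss -tlnp` output lines by bind address; the sample lines and the function names are constructed for illustration.

```bash
#!/bin/bash
# Added example: flag OpenClaw listeners on 18789 that are reachable beyond loopback.
# Operates on lines in the `ss -tlnp` format; SAMPLE below is constructed, not captured.
PORT=18789
KEYWORDS="openclaw|moltbot|clawdbot"

# classify_listener LINE -> exposed | loopback | specific | none
# Column 4 of `ss -tlnp` is "Local Address:Port"; the last column names the process.
classify_listener() {
  local line="$1" addr
  echo "$line" | grep -qiE "$KEYWORDS" || { echo none; return 0; }
  addr=$(echo "$line" | awk '{print $4}')
  case "$addr" in
    "127."*":$PORT"|"[::1]:$PORT")           echo loopback ;;
    "0.0.0.0:$PORT"|"*:$PORT"|"[::]:$PORT")   echo exposed ;;   # every interface
    *":$PORT")                                echo specific ;;  # one non-loopback address
    *)                                        echo none ;;
  esac
}

# count_exposed < ss-output -> number of keyword matches bound beyond loopback
count_exposed() {
  local n=0 line
  while IFS= read -r line; do
    case "$(classify_listener "$line")" in exposed|specific) n=$((n+1)) ;; esac
  done
  echo "$n"
}

# Constructed sample: a loopback-only instance, one on every IPv6 interface, and a
# "node" listener that the keyword check cannot see because ss prints only the short
# process name; the /proc cmdline check in the post's bash loop is what catches those.
SAMPLE='LISTEN 0 511 127.0.0.1:18789 0.0.0.0:* users:(("openclaw",pid=4242,fd=21))
LISTEN 0 511 0.0.0.0:18789 0.0.0.0:* users:(("node",pid=5151,fd=22))
LISTEN 0 511 [::]:18789 [::]:* users:(("moltbot",pid=6161,fd=23))
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=900,fd=3))'

sample_exposed_count() { printf '%s\n' "$SAMPLE" | count_exposed; }

if [ "${1:-}" = "--live" ]; then
  # Needs root to see the owning process of other users' sockets
  ss -tlnp 2>/dev/null | count_exposed
fi
```

Run it with `--live` on a host to get the count of matching listeners bound beyond loopback; anything above zero is a candidate for the exposed-management-UI problem described above.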