Web server fingerprint


It was only a matter of time until the first search queries for finding Open Peer Power instances with tools like https://www.shodan.io showed up.

To get an idea about how your Open Peer Power instance looks to a network scanner, you can use nmap. The nmap tool is already available if you are using the Nmap device tracker.

$ nmap -sV -p 8123 --script=http-title,http-headers 192.168.0.3

Starting Nmap 7.60 ( https://nmap.org ) at 2018-05-29 18:16 CEST
Nmap scan report for 192.168.0.3
Host is up (0.0058s latency).

PORT     STATE SERVICE VERSION
8123/tcp open  http    aiohttp 3.1.3 (Python 3.6)
| http-headers: 
|   Content-Type: text/html; charset=utf-8
|   Content-Length: 3073
|   Date: Tue, 29 May 2018 16:16:50 GMT
|   Server: Python/3.6 aiohttp/3.1.3
|   Connection: close
|   
|_  (Request type: GET)
|_http-server-header: Python/3.6 aiohttp/3.1.3
|_http-title: Open Peer Power

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 12.13 seconds

We don’t have a unique server banner, but in combination with the HTML title Open Peer Power it is simple to identify Open Peer Power instances.

$ nc 192.168.0.3 8123
GET / HTTP/1.1
host: localhost

HTTP/1.1 200 OK
Server: Python/3.6 aiohttp/3.1.3
[...]

One option to avoid this exposure is using a reverse proxy.
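To check what your own instance still reveals before and after putting it behind a reverse proxy, the following added example (not part of the original page or of Open Peer Power) parses a raw HTTP response for the two signals shown above, the Server banner and the HTML title. The sample responses are constructed, the function names are hypothetical, and the "proxied" sample assumes a proxy configured to drop the Server header.

```python
import re
import socket

# Constructed sample responses (not captured from a real host).
# PROXIED assumes a reverse proxy that drops the Server header.
DIRECT = (b"HTTP/1.1 200 OK\r\n"
          b"Content-Type: text/html; charset=utf-8\r\n"
          b"Server: Python/3.6 aiohttp/3.1.3\r\n"
          b"Connection: close\r\n\r\n"
          b"<html><head><title>Open Peer Power</title></head></html>")
PROXIED = (b"HTTP/1.1 200 OK\r\n"
           b"Content-Type: text/html; charset=utf-8\r\n"
           b"Connection: close\r\n\r\n"
           b"<html><head><title>Open Peer Power</title></head></html>")


def fingerprint_signals(raw: bytes) -> list:
    """Return the identifying signals found in one raw HTTP response."""
    head, _, body = raw.partition(b"\r\n\r\n")
    signals = []
    for line in head.split(b"\r\n")[1:]:          # skip the status line
        name, _, value = line.partition(b":")
        if name.strip().lower() == b"server":
            banner = value.strip().decode("latin-1")
            if re.search(r"aiohttp|python", banner, re.I):
                signals.append("server-banner: " + banner)
    title = re.search(rb"<title[^>]*>(.*?)</title>", body, re.I | re.S)
    if title and b"open peer power" in title.group(1).lower():
        signals.append("html-title: " + title.group(1).strip().decode("utf-8", "replace"))
    return signals


def fetch(host: str, port: int = 8123, timeout: float = 5.0) -> bytes:
    """Send the same GET / as the nc example and read until the server closes."""
    request = "GET / HTTP/1.1\r\nHost: {}\r\nConnection: close\r\n\r\n".format(host)
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(request.encode("ascii"))
        chunks = []
        while True:
            data = sock.recv(4096)
            if not data:
                break
            chunks.append(data)
    return b"".join(chunks)


if __name__ == "__main__":
    for label, raw in (("direct", DIRECT), ("proxied", PROXIED)):
        print(label, fingerprint_signals(raw))
```

Passing the result of `fetch("192.168.0.3")` to `fingerprint_signals()` runs the same check against a live instance. The title signal remains in the proxied sample because a proxy that only changes headers leaves the page body untouched.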