Trufflehog not detecting verified secrets after a simple pattern #3538

Open
Kiblyn11 opened this issue Oct 31, 2024 · 2 comments
Kiblyn11 commented Oct 31, 2024

TruffleHog Version

3.83.1

Expected Behavior

Detect the AWS Secret

Actual Behavior

Detect nothing

Steps to Reproduce

  1. Generate AWS canary token
  2. Create a file test.txt

         workflow_url=https://app.circleci.com/pipelines/github/testtest/testesttest
         [default]
         aws_access_key_id = ...
         aws_secret_access_key = ...
         output = json
         region = us-east-2

  3. Run trufflehog: trufflehog filesystem --only-verified --no-update --json test.txt
  4. No result

If I run it on the following, it is detected

test
[default]
aws_access_key_id = ...
aws_secret_access_key = ...
output = json
region = us-east-2

Please note it detects as expected if I remove --only-verified.

Environment

Mac OS / Linux

Kiblyn11 added the bug label Oct 31, 2024
Kiblyn11 changed the title from "Trufflehog not detecting secrets after a simple pattern" to "Trufflehog not detecting verified secrets after a simple pattern" Oct 31, 2024

Abhijeet213 commented Nov 3, 2024

Can you elaborate on your problem?

Or

If you are using --only-verified, this means the app checks that the value of a variable like aws_access_key_id matches the AWS ID syntax 'AKAASJKJDKASHDAIUH'. Then, if it matches, it displays it.

Kiblyn11 (Author) commented

Issue is --only-verified reports the secret on a file containing

test
[default]
aws_access_key_id = ...
aws_secret_access_key = ...
output = json
region = us-east-2

but not on a file like this

workflow_url=https://app.circleci.com/pipelines/github/testtest/testesttest
[default]
aws_access_key_id = ...
aws_secret_access_key = ...
output = json
region = us-east-2

I believe it should report in both cases.
