You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Sorry to say , we can't share as per organisation policy
Command used
trufflehog docker --image=xxxxx.dkr.ecr.us-west-2.amazonaws.com/xx/aiops-pii-mask:1234_abcd_1234
Expected Behavior
Trufflehog should report the secrets exposed in docker config.json/metadata file
Actual Behavior
We have some JFROG passwords in docker metadata / layer information. Trufflehog not reporting them
Trufflehog seems to already be using https://github.com/google/go-containerregistry/, which has a tool called crane that can get this docker config data, so should not be impossible to scan the whole config instead. Might have a go at creating a pull request.
Please review the Community Note before submitting
TruffleHog Version
└─$ trufflehog --version
trufflehog 3.78.2
Trace Output
Sorry to say , we can't share as per organisation policy
Command used
trufflehog docker --image=xxxxx.dkr.ecr.us-west-2.amazonaws.com/xx/aiops-pii-mask:1234_abcd_1234
Expected Behavior
Trufflehog should report the secrets exposed in docker config.json/metadata file
Actual Behavior
We have some JFROG passwords in docker metadata / layer information. Trufflehog not reporting them
Environment
PRETTY_NAME="Kali GNU/Linux Rolling"
NAME="Kali GNU/Linux"
VERSION_ID="2024.1"
VERSION="2024.1"
VERSION_CODENAME=kali-rolling
ID=kali
ID_LIKE=debian
HOME_URL="https://www.kali.org/"
SUPPORT_URL="https://forums.kali.org/"
BUG_REPORT_URL="https://bugs.kali.org/"
ANSI_COLOR="1;31"
The text was updated successfully, but these errors were encountered: