You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In the test example given below, the raw result should be: $6$rounds=656000$TfzXxXnsPbgX0ZnH$S4I6mO0ca8cESdfonaWglmF/zCQUK6hXQsg/hGED999vav3lqLI9/1NV5CSu0sm1BlR0ZiQW6S.vJOigT622z0
Actual Behavior
Raw result is actually: $6$rounds=656000$TfzXxXnsPbgX0ZnH$S4I6mO0ca8cESdfonaWglmF/zCQUK6hXQsg/hGED999vav3lqLI9/1NV5CSu0sm1BlR0ZiQW6S.vJOigT622z0test3
Despite there being two invalid bytes (0x00 and 0x02) between the secret hash and "test3", the two are treated as a single string with the invalid bytes removed.
Steps to Reproduce
Create the test file with echo -e "\xfftest\$6\$rounds=656000\$TfzXxXnsPbgX0ZnH\$S4I6mO0ca8cESdfonaWglmF/zCQUK6hXQsg/hGED999vav3lqLI9/1NV5CSu0sm1BlR0ZiQW6S.vJOigT622z0\x00test3_test4" > testfile
Create the config.yaml with a regex for SHA512-Crypt hashes:
TruffleHog Version
3.81.8
Trace Output
https://gist.github.com/Sohcahtoa82/90718ed0aab6ec66ccb891f702cbcb55
Expected Behavior
In the test example given below, the raw result should be:
$6$rounds=656000$TfzXxXnsPbgX0ZnH$S4I6mO0ca8cESdfonaWglmF/zCQUK6hXQsg/hGED999vav3lqLI9/1NV5CSu0sm1BlR0ZiQW6S.vJOigT622z0
Actual Behavior
Raw result is actually:
$6$rounds=656000$TfzXxXnsPbgX0ZnH$S4I6mO0ca8cESdfonaWglmF/zCQUK6hXQsg/hGED999vav3lqLI9/1NV5CSu0sm1BlR0ZiQW6S.vJOigT622z0test3
Despite there being two invalid bytes (0x00 and 0x02) between the secret hash and "test3", the two are treated as a single string with the invalid bytes removed.
Steps to Reproduce
echo -e "\xfftest\$6\$rounds=656000\$TfzXxXnsPbgX0ZnH\$S4I6mO0ca8cESdfonaWglmF/zCQUK6hXQsg/hGED999vav3lqLI9/1NV5CSu0sm1BlR0ZiQW6S.vJOigT622z0\x00test3_test4" > testfile
trufflehog filesystem testfile --no-update --config=../config.yaml
Environment
Darwin MacBook-Pro.home 23.6.0 Darwin Kernel Version 23.6.0: Mon Jul 29 21:13:04 PDT 2024; root:xnu-10063.141.2~1/RELEASE_ARM64_T6020 arm64
Additional Context
Trufflehog versions up to and including 3.32.0 work as expected. Version 3.32.1 was the first version where this behavior changed. Version diff.
The text was updated successfully, but these errors were encountered: