Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to show the raw plain text secret detected by detect-secrets? #680

Open
setu1421 opened this issue Apr 4, 2023 · 1 comment
Open

How to show the raw plain text secret detected by detect-secrets? #680

setu1421 opened this issue Apr 4, 2023 · 1 comment
Labels
enhancement The issue is related to improving a certain aspect of the project. good first issue The issue can be tackled by someone who has little to no knowledge about the project. help wanted Indicates that we would like someone that’s not a maintainer to work on the issue. question The issue is a technical question related to the project. triaged The issue has been reviewed but has not been solved yet.

Comments

@setu1421
Copy link

setu1421 commented Apr 4, 2023

I want to retrieve the exact matched string from hashed secret provided by the tool. So, I ran the detect-secrets tool for willymcallister/spinningnumbers repository and a sample output of the tool is shown below:

image

The tool has found a private key in line 184 of _articles/staticman-heroku.md file.

image

However, I tried to compute the hashed secret using hashlib with different combinations of the secrets such as by removing unnecessary texts. But I could not compute the exact hashed secret provided by the tool.

image

Which part of the actual secret string has been used to calculate the hashed secret? Or Is there any way to get the plain text secret instead of hashed secret in the report using any flag? Please let me know your feedback.
@geekNero
Copy link

Hey, you can go into the library and remove a line in detect_secrets/core
/potential_secret.py at line number 56 , and insert this: self.secret_hash: str = secret

@lorenzodb1 lorenzodb1 added the pending The issue still needs to be reviewed by one of the maintainers. label Nov 17, 2023
@lorenzodb1 lorenzodb1 added help wanted Indicates that we would like someone that’s not a maintainer to work on the issue. good first issue The issue can be tackled by someone who has little to no knowledge about the project. question The issue is a technical question related to the project. triaged The issue has been reviewed but has not been solved yet. enhancement The issue is related to improving a certain aspect of the project. and removed pending The issue still needs to be reviewed by one of the maintainers. labels May 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement The issue is related to improving a certain aspect of the project. good first issue The issue can be tackled by someone who has little to no knowledge about the project. help wanted Indicates that we would like someone that’s not a maintainer to work on the issue. question The issue is a technical question related to the project. triaged The issue has been reviewed but has not been solved yet.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@setu1421 @lorenzodb1 @geekNero