How to get full accessKey and secret when scanning with TruffleHog?

[libearrrr]

Hello,

I am using the latest version of TruffleHog to detect leaked credentials Alibaba Cloud keys. The tool successfully detects and outputs the secret key, but it does not show the accessKey along with it.

I would like to know if there is any option or configuration that allows outputting the full accessKey and secret in the scan results.

Here are the details of my use case:

Command Used: trufflehog filesystem som.apk

Could you please clarify if this is an intentional design choice or if there is a way to configure TruffleHog to output the complete accessKey-secret pair?

Thank you for your assistance!

Best regards

[domwhewell-sage]

I havent looked at Alibaba Cloud keys but for AWS the access key is in the Raw result but the RawV2 contains the secret key.

This is an example using the --json output option

{"SourceMetadata":{"Data":{"Git":{"commit":"fbc14303ffbf8fb1c2c1914e8dda7d0121633aca","file":"keys","email":"counter \u003c[email protected]\u003e","repository":"https://github.com/trufflesecurity/test_keys","timestamp":"2022-06-16 17:17:40 +0000","line":4}}},"SourceID":1,"SourceType":16,"SourceName":"trufflehog - git","DetectorType":2,"DetectorName":"AWS","DecoderName":"PLAIN","Verified":true,"Raw":"AKIAYVP4CIPPERUVIFXG","RawV2":"AKIAYVP4CIPPERUVIFXGZt2U1h267eViPnuSA+JO5ABhiu4T7XUMSZ+Y2Oth","Redacted":"AKIAYVP4CIPPERUVIFXG","ExtraData":{"account":"595918472158","arn":"arn:aws:iam::595918472158:user/canarytokens.com@@mirux23ppyky6hx3l6vclmhnj","is_canary":"true","message":"This is an AWS canary token generated at canarytokens.org, and was not set off; learn more here: https://trufflesecurity.com/canaries","resource_type":"Access key"},"StructuredData":null}

I assume what you are looking at is the Redacted output displayed in the CLI. So you want the Raw and the RawV2 from the json output