Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AzureDevopsPersonalAccessToken detector: unexpected HTTP response status 404 #3680

Open
rgmz opened this issue Nov 26, 2024 · 3 comments Β· May be fixed by #3784
Open

AzureDevopsPersonalAccessToken detector: unexpected HTTP response status 404 #3680

rgmz opened this issue Nov 26, 2024 · 3 comments Β· May be fixed by #3784
Labels
bug

Comments

@rgmz
Copy link
Contributor

rgmz commented Nov 26, 2024
edited
Loading

Example:

Found unverified result πŸ·πŸ”‘β“
Verification issue: unexpected HTTP response status 404
Detector Type: AzureDevopsPersonalAccessToken
Decoder Type: PLAIN
Raw result: mi75vq7fet2kokgq5uyk252zlpbmq32ewhqtymkma5tvfzl4iykqDefaultEndpointsProtocol
Commit: abcbf10e5fd621c69d27f0bd8a460ac0e5433974
Email: Jack G Kafaty <jackgkafaty@github.com>
File: Example03_Csharp/.env
Line: 8
Link: https://github.com/advanced-security/codeql_container_example/blob/abcbf10e5fd621c69d27f0bd8a460ac0e5433974/Example03_Csharp/.env#L8
Repository: https://github.com/advanced-security/codeql_container_example.git
Timestamp: 2023-06-30 17:04:31 +0000

Found unverified result πŸ·πŸ”‘β“
Verification issue: unexpected HTTP response status 404
Detector Type: AzureDevopsPersonalAccessToken
Decoder Type: PLAIN
Raw result: 0zfy8nhw4nx0idh94qidr06vsfxgdk2ky0ih76s27121pdwr05aasignalr
Commit: 85fc419d42db987a631051f6470e3fcd2e27a895
File: pkgs/tools/admin/azure-cli/default.nix
Line: 9
Link: https://github.com/goldmansachs/nixpkgs/blob/85fc419d42db987a631051f6470e3fcd2e27a895/pkgs/tools/admin/azure-cli/default.nix#L9
Repository: https://github.com/goldmansachs/nixpkgs.git
Timestamp: 2019-10-23 10:07:42 +0000
@rgmz rgmz added the bug label Nov 26, 2024
@rgmz
Copy link
Contributor Author

rgmz commented Nov 29, 2024 

Found unverified result πŸ·πŸ”‘β“
Verification issue: unexpected HTTP response status 203
Detector Type: AzureDevopsPersonalAccessToken
Decoder Type: PLAIN
Raw result: 0rvik03njz940x2hvqg6iiq8k0d88gyygsr86w8s0sa12sdbq8l6package
Commit: 85fc419d42db987a631051f6470e3fcd2e27a895
File: pkgs/tools/admin/azure-cli/python-packages.nix
Line: 139
Link: https://github.com/goldmansachs/nixpkgs/blob/85fc419d42db987a631051f6470e3fcd2e27a895/pkgs/tools/admin/azure-cli/python-packages.nix#L139
Repository: https://github.com/goldmansachs/nixpkgs.git
Timestamp: 2019-10-23 10:07:42 +0000

@ankushgoel27
Copy link
Contributor

ankushgoel27 commented Dec 5, 2024
edited
Loading

is the azuredevopspersonalaccesstoken correct? when i generate my PATS, they are usually 84 chars long and contain both [a-zA-Z0-9]. currently, the detector is matching on 52 chars [a-z0-9] only.

@ankushgoel27
Copy link
Contributor

There is a new V2 version out which is 84 chars long

@rgmz rgmz linked a pull request Dec 16, 2024 that will close this issue
Open
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix Azure Devops detector rgmz/trufflehog
2 participants
@ankushgoel27 @rgmz