Description
Hey guys, I am using Trufflehog in a test folder where I have different Kubernetes deployment files; one of those files has a Postgres URI connection string pointing to a local database.
Trufflehog fails to find this URI connection string because the connection string doesn't have the password set.
Question: Is it the desired behavior not to detect URI connection strings without the password set, or should it detect them?
This issue happens because of a verification of whether the URI connection has the password set or not. This is the code that stops the detection of the URI connection:
// https://github.com/trufflesecurity/trufflehog/blob/c05bb4d7ea587a541e39bae217ab2049a7de1628/pkg/detectors/postgres/postgres.go#L80
func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) ([]detectors.Result, error) {
	var results []detectors.Result
	candidateParamSets := findUriMatches(data)

	for _, params := range candidateParamSets {
		if common.IsDone(ctx) {
			break
		}
		user, ok := params[pgUser]
		if !ok {
			continue
		}
		password, ok := params[pgPassword]
		if !ok { // this condition stops the detection
			continue
		}
		....
File that I'm using to test:
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    name: web
  name: web
spec:
  replicas: 1
  selector:
    matchLabels:
      name: web
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        name: web
    spec:
      containers:
        - name: web
          env:
            - name: ALLOWED_HOSTS
              value: localhost,127.0.0.1,172.211.157.208
            - name: DATABASE_URL
              value: postgres://root:@localhost:26257/defaultdb?sslmode=disable # this should be detected
            - name: DEBUG
              value: 'False'
            - name: DJANGO_SUPERUSER_EMAIL
              value: django@django.com
            - name: DJANGO_SUPERUSER_PASSWORD
              value: put_your_super_secret_password_here
            - name: DJANGO_SUPERUSER_USERNAME
              value: django
            - name: SECRET_KEY
              value: create_a_super_secure_secret_key_and_change_me
          image: nginx:latest
          ports:
            - containerPort: 8000
              protocol: TCP
      restartPolicy: Always
Trufflehog version: dev
// installed Trufflehog directly from source, master branch.
Trufflehog command: trufflehog filesystem example-file.yaml
Expected behavior: Detection of postgres URI connection string
Current behavior: No detection
Execution log:
trufflehog filesystem example.yaml --log-level=5
2025-02-07T12:16:08+01:00 info-2 trufflehog trufflehog dev
🐷🔑🐷 TruffleHog. Unearth your secrets. 🐷🔑🐷
2025-02-07T12:16:08+01:00 info-4 trufflehog default engine options set
2025-02-07T12:16:08+01:00 info-4 trufflehog engine initialized
2025-02-07T12:16:08+01:00 info-4 trufflehog setting up aho-corasick core
2025-02-07T12:16:08+01:00 info-4 trufflehog set up aho-corasick core
2025-02-07T12:16:08+01:00 info-2 trufflehog starting scanner workers {"count": 12}
2025-02-07T12:16:08+01:00 info-2 trufflehog starting detector workers {"count": 96}
2025-02-07T12:16:08+01:00 info-2 trufflehog starting verificationOverlap workers {"count": 12}
2025-02-07T12:16:08+01:00 info-2 trufflehog starting notifier workers {"count": 12}
2025-02-07T12:16:08+01:00 info-0 trufflehog running source {"source_manager_worker_id": "5xJe5", "with_units": true}
2025-02-07T12:16:08+01:00 info-2 trufflehog enumerating source {"source_manager_worker_id": "5xJe5"}
2025-02-07T12:16:08+01:00 info-3 trufflehog chunking unit {"source_manager_worker_id": "5xJe5", "unit_kind": "unit", "unit": "example.yaml"}
2025-02-07T12:16:08+01:00 info-3 trufflehog scanning file {"source_manager_worker_id": "5xJe5", "unit_kind": "unit", "unit": "example.yaml", "path": "example.yaml"}
2025-02-07T12:16:08+01:00 info-5 trufflehog dataErrChan closed, all chunks processed {"source_manager_worker_id": "5xJe5", "unit_kind": "unit", "unit": "example.yaml", "path": "example.yaml", "mime": "text/plain; charset=utf-8", "timeout": 60}
2025-02-07T12:16:08+01:00 info-4 trufflehog finished scanning chunks {"scanner_worker_id": "OQmKY"}
2025-02-07T12:16:08+01:00 info-4 trufflehog finished scanning chunks {"scanner_worker_id": "RDdbB"}
2025-02-07T12:16:08+01:00 info-4 trufflehog finished scanning chunks {"scanner_worker_id": "xyZTT"}
2025-02-07T12:16:08+01:00 info-4 trufflehog finished scanning chunks {"scanner_worker_id": "bX4f6"}
2025-02-07T12:16:08+01:00 info-4 trufflehog finished scanning chunks {"scanner_worker_id": "eXQm2"}
2025-02-07T12:16:08+01:00 info-4 trufflehog finished scanning chunks {"scanner_worker_id": "swyF8"}
2025-02-07T12:16:08+01:00 info-4 trufflehog finished scanning chunks {"scanner_worker_id": "WvMtY"}
2025-02-07T12:16:08+01:00 info-4 trufflehog finished scanning chunks {"scanner_worker_id": "1zQRb"}
2025-02-07T12:16:08+01:00 info-4 trufflehog finished scanning chunks {"scanner_worker_id": "WAKr7"}
2025-02-07T12:16:08+01:00 info-4 trufflehog finished scanning chunks {"scanner_worker_id": "zgHF9"}
2025-02-07T12:16:08+01:00 info-4 trufflehog finished scanning chunks {"scanner_worker_id": "f5VhL"}
2025-02-07T12:16:08+01:00 info-4 trufflehog finished scanning chunks {"scanner_worker_id": "6HUvG"}
2025-02-07T12:16:08+01:00 info-0 trufflehog finished scanning {"chunks": 1, "bytes": 1054, "verified_secrets": 0, "unverified_secrets": 0, "scan_duration": "1.159292ms", "trufflehog_version": "dev", "verification_caching": {"Hits":0,"Misses":0,"HitsWasted":0,"AttemptsSaved":0,"VerificationTimeSpentMS":0}}
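Added example, not part of the original report and not TruffleHog's code: a standalone Go check that separates the three password states a Postgres URI can have, so that `user:@host` (the case in this report) is surfaced as a finding rather than skipped. The regex, the `Finding` type, the state labels and the sample lines are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"net/url"
	"regexp"
)

// pgURI is a simplified pattern for this example, not TruffleHog's own regex.
var pgURI = regexp.MustCompile(`postgres(?:ql)?://[^\s'"]+`)

// Finding describes one connection string and the state of its password field.
type Finding struct {
	User, Host, State string
}

// ClassifyPostgresURIs returns a finding for every Postgres URI in data that
// carries userinfo, including those with an empty or absent password.
func ClassifyPostgresURIs(data []byte) []Finding {
	var out []Finding
	for _, m := range pgURI.FindAll(data, -1) {
		u, err := url.Parse(string(m))
		if err != nil || u.User == nil {
			continue // unparseable, or no userinfo at all
		}
		pw, set := u.User.Password()
		state := "password-present"
		switch {
		case !set:
			state = "password-absent" // postgres://user@host
		case pw == "":
			state = "password-empty" // postgres://user:@host
		}
		out = append(out, Finding{u.User.Username(), u.Host, state})
	}
	return out
}

// sample is constructed input; its first line mirrors the DATABASE_URL in the report.
const sample = `value: postgres://root:@localhost:26257/defaultdb?sslmode=disable
value: postgres://app@db.internal:5432/app
value: postgresql://app:EXAMPLE-ONLY@db.internal:5432/app`

func main() {
	for _, f := range ClassifyPostgresURIs([]byte(sample)) {
		fmt.Printf("%-16s user=%s host=%s\n", f.State, f.User, f.Host)
	}
}
```

A database that accepts a login with an empty or absent password is an unauthenticated access path, so reporting these two states separately lets a reviewer triage them instead of never seeing them.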