TypeError: cannot concatenate 'str' and 'tuple' objects #136

Closed
iammarco opened this issue Dec 10, 2018 · 3 comments

iammarco commented Dec 10, 2018

Using regex `([\\s'\"])(?=.*[0-9])(?=.*[a-zA-Z])([a-zA-Z0-9]{8})\\1` in custom regex file gave me the following error:

```
Traceback (most recent call last):
  File "c:\python27\lib\runpy.py", line 174, in _run_module_as_main
    "__main__", fname, loader, pkg_name)
  File "c:\python27\lib\runpy.py", line 72, in _run_code
    exec code in run_globals
  File "C:\Python27\Scripts\trufflehog.exe\__main__.py", line 9, in <module>
  File "c:\python27\lib\site-packages\truffleHog\truffleHog.py", line 53, in main
    output = find_strings(args.git_url, args.since_commit, args.max_depth, args.output_json, args.do_regex, do_entropy, surpress_output=False, branch=args.branch)
  File "c:\python27\lib\site-packages\truffleHog\truffleHog.py", line 282, in find_strings
    foundIssues = diff_worker(diff, curr_commit, prev_commit, branch_name, commitHash, custom_regexes, do_entropy, do_regex, printJson, surpress_output)
  File "c:\python27\lib\site-packages\truffleHog\truffleHog.py", line 229, in diff_worker
    found_regexes = regex_check(printableDiff, commit_time, branch_name, prev_commit, blob, commitHash, custom_regexes)
  File "c:\python27\lib\site-packages\truffleHog\truffleHog.py", line 201, in regex_check
    found_diff = printableDiff.replace(printableDiff, bcolors.WARNING + found_string + bcolors.ENDC)
TypeError: cannot concatenate 'str' and 'tuple' objects
```

Looks like it is failing in the regex_check function at line 201 because the regex is returning a tuple of two matches, which is causing the print to fail.


sullo commented Jul 17, 2019

Have same error with:
"Account(Id)": "['\"][aA][cC][cC][oO][uU][nN][tT]([_])?([iI][dD])?['\"][\\s]+?:[\\s]+?['\"][^'\"]+['\"]"

A few matches that look like this:
- # "accountId" : "string"

```
  File "/usr/local/bin/trufflehog", line 10, in <module>
    sys.exit(main())
  File "/usr/local/lib/python3.7/site-packages/truffleHog/truffleHog.py", line 82, in main
    surpress_output=False, branch=args.branch, repo_path=args.repo_path, path_inclusions=path_inclusions, path_exclusions=path_exclusions)
  File "/usr/local/lib/python3.7/site-packages/truffleHog/truffleHog.py", line 344, in find_strings
    foundIssues = diff_worker(diff, curr_commit, prev_commit, branch_name, commitHash, custom_regexes, do_entropy, do_regex, printJson, surpress_output, path_inclusions, path_exclusions)
  File "/usr/local/lib/python3.7/site-packages/truffleHog/truffleHog.py", line 261, in diff_worker
    found_regexes = regex_check(printableDiff, commit_time, branch_name, prev_commit, blob, commitHash, custom_regexes)
  File "/usr/local/lib/python3.7/site-packages/truffleHog/truffleHog.py", line 231, in regex_check
    found_diff = printableDiff.replace(printableDiff, bcolors.WARNING + found_string + bcolors.ENDC)
```


dinvlad commented Aug 29, 2019

Ok, so this happens when one has capturing groups in their regex (like in both of the above examples). We just stumbled upon it as well with things like `(AWS|aws)_(SECRET|secret)`. The solution is to always use non-capturing groups with `(?:...)`.

I'm not sure if TH should check for presence of capture groups and throw an error or simply try to convert them to non-capturing ones, if feasible. Would be happy to draft a PR if you have ideas.

EDIT: just noticed that a fix was also proposed in #78
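
The behaviour discussed in this thread, as an added example that is not part of the original issue and is not TruffleHog's code: with capturing groups `re.findall` returns the groups rather than the whole match, while `finditer` with `group(0)` returns the full match even for the first pattern, whose `\1` backreference needs its capturing group. The rules JSON, the sample line, the helper names and the use of `findall` are assumptions made for illustration; the patterns are the ones quoted above.

```python
import json
import re

# Constructed rules file; the patterns are the ones quoted in this thread.
RULES_JSON = r'''
{
  "quoted-token": "([\\s'\"])(?=.*[0-9])(?=.*[a-zA-Z])([a-zA-Z0-9]{8})\\1",
  "aws-capturing": "(AWS|aws)_(SECRET|secret)",
  "aws-non-capturing": "(?:AWS|aws)_(?:SECRET|secret)"
}
'''
WARNING, ENDC = "\033[93m", "\033[0m"  # stand-ins for bcolors.WARNING / bcolors.ENDC


def load_rules(text):
    """Compile every pattern in a name -> regex JSON mapping."""
    return {name: re.compile(p) for name, p in json.loads(text).items()}


def rules_with_groups(rules):
    """Names of rules for which findall() yields groups, not the whole match."""
    return sorted(name for name, rx in rules.items() if rx.groups > 0)


def highlight_findall(rx, text):
    """The failing shape (assumed): concatenating whatever findall() returns."""
    return [WARNING + found + ENDC for found in rx.findall(text)]


def highlight_whole_match(rx, text):
    """Group 0 is always the full match, with or without capturing groups."""
    return [WARNING + m.group(0) + ENDC for m in rx.finditer(text)]


if __name__ == "__main__":
    rules = load_rules(RULES_JSON)
    print("rules with capturing groups:", rules_with_groups(rules))
    line = "export AWS_SECRET=x; key = 'abc12345'"  # constructed sample diff line
    for name, rx in rules.items():
        try:
            print(name, "findall ->", highlight_findall(rx, line))
        except TypeError as exc:
            print(name, "findall -> TypeError:", exc)
        print(name, "group(0) ->", highlight_whole_match(rx, line))
```

A rule with exactly one capturing group raises no error under `findall`, but it reports only that group's text instead of the full match, so `rules_with_groups` flags it as well.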

@dustin-decker
Contributor

Hey there, we've just released the next major version of TruffleHog!

It is a complete rewrite that scans more data sources and now supports detecting and verifying over 600 credentials.
Please check it out when you can.

https://trufflesecurity.com/blog/introducing-trufflehog-v3

We're no longer maintaining v2 so I am closing this issue.
