Google maps API key is not detected #3970
Description
Please review the Community Note before submitting
TruffleHog Version
3.88.15
Trace Output
2025-03-10T11:40:25+01:00 info-2 trufflehog trufflehog 3.88.15
🐷🔑🐷 TruffleHog. Unearth your secrets. 🐷🔑🐷
2025-03-10T11:40:25+01:00 info-4 trufflehog default engine options set
2025-03-10T11:40:25+01:00 info-4 trufflehog engine initialized
2025-03-10T11:40:25+01:00 info-4 trufflehog setting up aho-corasick core
2025-03-10T11:40:25+01:00 info-4 trufflehog set up aho-corasick core
2025-03-10T11:40:25+01:00 info-2 trufflehog starting scanner workers {"count": 12}
2025-03-10T11:40:25+01:00 info-2 trufflehog starting detector workers {"count": 96}
2025-03-10T11:40:25+01:00 info-2 trufflehog starting verificationOverlap workers {"count": 12}
2025-03-10T11:40:25+01:00 info-2 trufflehog starting notifier workers {"count": 12}
2025-03-10T11:40:25+01:00 info-0 trufflehog running source {"source_manager_worker_id": "qUMWK", "with_units": true}
2025-03-10T11:40:25+01:00 info-2 trufflehog enumerating source {"source_manager_worker_id": "qUMWK"}
2025-03-10T11:40:25+01:00 info-3 trufflehog chunking unit {"source_manager_worker_id": "qUMWK", "unit_kind": "unit", "unit": "/tmp/test/index.html"}
2025-03-10T11:40:25+01:00 info-3 trufflehog scanning file {"source_manager_worker_id": "qUMWK", "unit_kind": "unit", "unit": "/tmp/test/index.html", "path": "/tmp/test/index.html"}
2025-03-10T11:40:25+01:00 info-5 trufflehog dataErrChan closed, all chunks processed {"source_manager_worker_id": "qUMWK", "unit_kind": "unit", "unit": "/tmp/test/index.html", "path": "/tmp/test/index.html", "mime": "text/html; charset=utf-8", "timeout": 60}
2025-03-10T11:40:25+01:00 info-4 trufflehog finished scanning chunks {"scanner_worker_id": "iPi02"}
2025-03-10T11:40:25+01:00 info-4 trufflehog finished scanning chunks {"scanner_worker_id": "MJ5Mj"}
2025-03-10T11:40:25+01:00 info-4 trufflehog finished scanning chunks {"scanner_worker_id": "ArJX1"}
2025-03-10T11:40:25+01:00 info-4 trufflehog finished scanning chunks {"scanner_worker_id": "KiLj4"}
2025-03-10T11:40:25+01:00 info-4 trufflehog finished scanning chunks {"scanner_worker_id": "gZEe0"}
2025-03-10T11:40:25+01:00 info-4 trufflehog finished scanning chunks {"scanner_worker_id": "IIoTZ"}
2025-03-10T11:40:25+01:00 info-4 trufflehog finished scanning chunks {"scanner_worker_id": "rPXj2"}
2025-03-10T11:40:25+01:00 info-4 trufflehog finished scanning chunks {"scanner_worker_id": "ulfh8"}
2025-03-10T11:40:25+01:00 info-4 trufflehog finished scanning chunks {"scanner_worker_id": "RtSgD"}
2025-03-10T11:40:25+01:00 info-4 trufflehog finished scanning chunks {"scanner_worker_id": "TmgqT"}
2025-03-10T11:40:25+01:00 info-4 trufflehog finished scanning chunks {"scanner_worker_id": "dpaGQ"}
2025-03-10T11:40:25+01:00 info-5 trufflehog decoder not applicable for chunk {"scanner_worker_id": "ze7Fv", "decoder": "BASE64", "chunk": {"Data":"PCFkb2N0eXBlIGh0bWw+CjxodG1sIGxhbmc9ImZyIj4KICAgIDxib2R5PgogICAgICAgIDwhLS0gR29vZ2xlIHBsYWNlcyAtLT4KICAgICAgICA8c2NyaXB0CiAgICAgICAgICAgIGRlZmVyCiAgICAgICAgICAgIHNyYz0iaHR0cHM6Ly9tYXBzLmdvb2dsZWFwaXMuY29tL21hcHMvYXBpL2pzP2tleT1BSXphU3lBREdaUXV4STZodFh1OWkzTUpaUFpDNGIyUVJMOFZvT28mbGlicmFyaWVzPXBsYWNlcyZjYWxsYmFjaz1pbml0TWFwIgogICAgICAgID48L3NjcmlwdD4KICAgIDwvYm9keT4KPC9odG1sPgo=","SourceName":"trufflehog - filesystem","SourceID":1,"JobID":1,"SecretID":0,"SourceMetadata":{"Data":{"Filesystem":{"file":"/tmp/test/index.html"}}},"SourceType":15,"Verify":false}}
2025-03-10T11:40:25+01:00 info-5 trufflehog decoder not applicable for chunk {"scanner_worker_id": "ze7Fv", "decoder": "UTF16", "chunk": {"Data":"PCFkb2N0eXBlIGh0bWw+CjxodG1sIGxhbmc9ImZyIj4KICAgIDxib2R5PgogICAgICAgIDwhLS0gR29vZ2xlIHBsYWNlcyAtLT4KICAgICAgICA8c2NyaXB0CiAgICAgICAgICAgIGRlZmVyCiAgICAgICAgICAgIHNyYz0iaHR0cHM6Ly9tYXBzLmdvb2dsZWFwaXMuY29tL21hcHMvYXBpL2pzP2tleT1BSXphU3lBREdaUXV4STZodFh1OWkzTUpaUFpDNGIyUVJMOFZvT28mbGlicmFyaWVzPXBsYWNlcyZjYWxsYmFjaz1pbml0TWFwIgogICAgICAgID48L3NjcmlwdD4KICAgIDwvYm9keT4KPC9odG1sPgo=","SourceName":"trufflehog - filesystem","SourceID":1,"JobID":1,"SecretID":0,"SourceMetadata":{"Data":{"Filesystem":{"file":"/tmp/test/index.html"}}},"SourceType":15,"Verify":false}}
2025-03-10T11:40:25+01:00 info-5 trufflehog decoder not applicable for chunk {"scanner_worker_id": "ze7Fv", "decoder": "ESCAPED_UNICODE", "chunk": {"Data":"PCFkb2N0eXBlIGh0bWw+CjxodG1sIGxhbmc9ImZyIj4KICAgIDxib2R5PgogICAgICAgIDwhLS0gR29vZ2xlIHBsYWNlcyAtLT4KICAgICAgICA8c2NyaXB0CiAgICAgICAgICAgIGRlZmVyCiAgICAgICAgICAgIHNyYz0iaHR0cHM6Ly9tYXBzLmdvb2dsZWFwaXMuY29tL21hcHMvYXBpL2pzP2tleT1BSXphU3lBREdaUXV4STZodFh1OWkzTUpaUFpDNGIyUVJMOFZvT28mbGlicmFyaWVzPXBsYWNlcyZjYWxsYmFjaz1pbml0TWFwIgogICAgICAgID48L3NjcmlwdD4KICAgIDwvYm9keT4KPC9odG1sPgo=","SourceName":"trufflehog - filesystem","SourceID":1,"JobID":1,"SecretID":0,"SourceMetadata":{"Data":{"Filesystem":{"file":"/tmp/test/index.html"}}},"SourceType":15,"Verify":false}}
2025-03-10T11:40:25+01:00 info-4 trufflehog finished scanning chunks {"scanner_worker_id": "ze7Fv"}
2025-03-10T11:40:25+01:00 info-0 trufflehog finished scanning {"chunks": 1, "bytes": 284, "verified_secrets": 0, "unverified_secrets": 0, "scan_duration": "1.727781ms", "trufflehog_version": "3.88.15", "verification_caching": {"Hits":0,"Misses":0,"HitsWasted":0,"AttemptsSaved":0,"VerificationTimeSpentMS":0}}
Expected Behavior
Detect the Google Maps JS key, it could have much more API access than it should.
Key was a bit redacted, any user with enough ressources can find it on the web archive.
Actual Behavior
No key found
Steps to Reproduce
- Create a folder
- Add
index.html
<!doctype html>
<html lang="fr">
<body>
<!-- Google places -->
<script
defer
src="https://maps.googleapis.com/maps/api/js?key=AIzaSyADGZQuxI6htXu9i3MJZPZC4b2QRL8VoOo&libraries=places&callback=initMap"
></script>
</body>
</html>Environment
- OS: Debian
- Version: 12