Important: Exposed MongoDB cluster in your code #10
Description
Warning
You have an exposed mongoDB cluster containing multiple databases in this repository.
Hey THE-VIP-BOY-OP, If you receive this issue don't panic, I am a friendly automated script looking around the internet and just to let you know that you have an exposed mongoDB cluster in your code that I got from this file https://github.com/THE-VIP-BOY-OP/VIP-ROBOT/blob/16228dd0ddbdc24b35f9cdec9fb36d48bc65d539/MukeshRobot/config.py.
I was able to connect and expose those databases from your cluster:
- AnieXErica
- Anon
- AnonXMusic
- Anonymous
- Channel-Filter
- Character_catcher
- Cluster0
- Hellbot
- Lover
- VIP
- Word
- Yukki
- adityaxdb
- autoacceptbot
- clonelcuxbotz
- clustero
- main
- userdb
- admin
- local
From these possible clusters: cluster0.9dxlslv.mongodb.net
A malicious attacker could leak data and get credentials to your or people's services/system, even if you know that no sensible information is stored inside it, it is still very dangerous. I do not know what kind of information your databases hold but a malicious attacker could easily dump all the content, please make sure to follow these steps:
- Put your secrets in a .env file
- Use a library like dotenv to load the environment variables from your file onto your code
- At this point, I would either suggest either using github's tool to erase the history or you could delete the repos on Github, remove the .git folder locally and recreate a new repos with a clean history
In the future make sure to not expose your secrets especially your mongodb uri as it contains your username and password combination. Make sure to create a .env file and load your environment variables into your code accordingly.