Since I’m quite new to the whole topic of linux privilege escalation I’ve done a few courses in which usually the enumeration of services is mentioned with commands like:
ps aux
systemctl --type=service --state=running
etc.
But I wonder how do I go an from there? How do I find vulnerable services, and even if there are no (usable) CVEs or Exploits for those services, how can I check for service misconfiguration?
I’m interested both in tools but more importantly in a methology to proceed.
with regards