# Service Exploits Services are simply programs that run in the background, accepting in put or performing regular tasks. If vulnerable services are running as root, exploiting them can lead to command execution as root. Service exploits can be found using Searchsploit, Google, and GitHub, just like with Kernel exploits. ## Services Running as Root The following command will show all processes that are running as root: ```bash $ ps aux | grep "^root" ``` The above command shows programs running where each of the output lines starts with "root" With any results, try to identify the version number of the program being executed. ## Enumerating Program Versions Running the program with the --version/-v command line option often shows the version number: ```bash $ <program> --version $ <program> -v ``` On Debian-like distributions, dpkg can show installed programs and their version: ```bash $ dpkg -l | grep <program> ``` On systems that use rpm, the following achieves the same: ```bash $ rpm -qa | grep <program> ```