While I have in the past been focused on Windows exploitation (and a beginner with that) I find myself having to expand my horizons (CPT). In keeping in line with my training, I need to enumerate information on the machine (vm) that I want to attack. Unfortunately I have little ideas where to start. The book I have access to at the moment seems fixed on Windows enumeration, and google has not been much better. I see results on Linux NIC enumeration.
Steps taken so far:
Scanned my network and found a "victim".
Scanned the host and performed port, OS and version detection.
"banner grabbing", connecting to the services with netcat.
at this point there is a gap in my knowledge. I know that eventually I will need to crack passwords and eventually gain access to the system, but I do know that if I want to gain access through one of the open services, I will need to enumerate the users and possibly other information on the machine. Can anyone point me in the right direction? My main purpose at this point is to learn how to attack linux rather than the actual exploitation of this machine.