Service exploitation identifies running services, fingerprints versions, looks up CVEs, and exploits vulnerabilities — the core of network pen testing.
Workflow: Nmap -sV → identify service versions → searchsploit [service version] → Metasploit search → set options → exploit. Always try default credentials first (faster, less noisy than exploitation). Document every service tested even if no vulnerability found.