portscan, identify your OS and then... run various exploids on OS-specific or service specific vulnerabities.... then install a trojaner, backdoor or just log in?