This seems to be just like connecting via SSH to a Linux machine, but with Windows. I’ve only tested with Windows 10, but it works great.

  1. Download PSEX HERE.
  2. Extract ZIP wherever (I like to use 7zip).
  3. CD to that location via CMD as domain admin (this is assuming domain environment, run CMD as administrator by right clicking, then run as administrator)
  4. Run the following .PsExec.exe \PCnameORip cmd.exe
  5. You are now in a remote shell

You can also use winrs as well

  1. Run CMD as admin
  2. winrs -r:PC_Name cmd
  3. If you’d like to use powershell you just need to type “powershell.exe” in the shell