The Windows runas command is more-or-less the equivalent of sudo on *NIX systems. Usage is similar.

runas /user:$USERNAME $EXECUTABLE

$USERNAME may also be specified as $DOMAIN\$USERNAME for domain-joined machines.

$EXECUTABLE is treated normally (as if not prefixed by the runas command), so a full or relative path is only necessary when it’s not already in the Windows path.

If credentials are saved for a particular user (use cmdkey /list to check), then the /savecred flag will apply them automatically!

Important

When using runas to start a reverse shell, whoami will always return the user who called the runas command, even if the shell is running as under a different user’s privileges. Thus, elevating privileges using runas is a blind attack… You won’t know if the privilege escalation actually worked until you try a command that requires more privileges!