Active Directory Enum & Attacks - Domain Trusts - Child -> Parent


I am currently stuck at the question “Perform the ExtraSids attack to compromise the parent domain… obtain the NTLM hash for the Domain Admin user bross.”

I used Mimikatz to dump NTLM hashes once I received a shell on the Domain Controller. However, I could not find anything related to bross, just a local Administrator. Is there any different route to receive that particular NTLM hash?

Many thanks!

Hello Rapunzel3000

I’m stuck in the same place but i found the ntlm hash of bross user

but this is not the correct answer for the site … :frowning:

Do you have some hint ? thanks

Sent you a pm!