ATTACKING COMMON SERVICES - Attacking RDP

Hi, I’m stuck at this question : Connect via RDP with the Administrator account and submit the flag.txt as you answer.
I know what to do, but i’ve tried to attack SAM, LSSAS from Password Attack module, and I have found 0 hash, i don’t know what to try anymore, someone can help me please ?

Thanks.

Type this in the terminal…
xfreerdp /v:IP ADDRESS /u:htb-student /p:PASSWORD

Go to the Power shell and type:
Get-WmiObject -Class win32_OperatingSystem | select Version,BuildNumber