Q3 on Guided Exercise in Windows Services

I am having a problem in getting the answer to Q3 in windows service section

Q3: When MyService is first started, it writes “The ______ is running and doing some work…” to the Application Log.

where can i find this?

Once you start the service, check the Application log, Event ID 0.

I did but after the copying evilservice file so its showing “You have been hacked x x x”
How can I restart everything?

You must have missed these steps in Part 3:

10.) At the PowerShell prompt, type eventvwr.msc and press Enter to open the Event Viewer.

11.) In the Event Viewer, navigate to Windows Logs / Application and look for the log entries with EventID 0 and the Source SimpleService.

Take note of the event message in the General tab. Leave the Event Viewer open during the next steps.

Can anyone tell the answer for the task 3rd questions I tried several times though it’s not working Q3: When MyService is first started, it writes “The ______ is running and doing some work…” to the Application Log.

Look in the Application log for Event ID 0. Then look on the General tab.

Yeh i tried its showing only you have been hacked lol lol lol

Just look for an earlier event.

i retried 2 to3 times bro i fed up thats y am asking

Can you tell me the answer bro

also tried earlier events no use

You are skipping Step 11, where you look at the Application log BEFORE you hack the service.

im sorry joseph but its nearly impossible to find this answer i been lookin for 2 days and i restarted multiple times and also ive looked through each service file invidually and still cant find the answer
Ive tried “Evil service” + like 100 diff answers and i cant find anything im just stuck

If you would like to go through this lab in a Zoom session we can. Just let me know.

yeah sure that would be awesome can you add my discord “keykah” and we can work from there

a week later and im still stuck also no discord add back :frowning:

Are you in the Cybrary discord?

i cant start the service to know the answer, can someone tell me the answer cuz i tried alot of stuff

I just opened the .exe file in notepad and you can find the answer in there lol

1 Like

Well, that is the hacker way to do it :slight_smile: