Experimenting with turning my Canon EOS 5D camera into a wireless Access Point

I am tired of pulling out CF memory cards, loading them up in a reader and dumping down files to my PC.
I have a WFT wireless adaptor for it but it is clumsy and uses FTP to upload files to an FTP server.

It’s just not simple and something that words without prep time.

So, for under $40 (Aus), I bought a Toshiba FlashAir 32 Gb b/g/n SD card and an Extreme CF adaptor (SD to CF).
I setup the FlashAir as an Access point and it works really well in the CF adaptor in my older Canon EOS 5D.
It draws it’s power from the camera and the transmittion speed on N band is great.

I suddenly have a very compact wireless solution for my Canon EOS.

Now comes my next issue.

There are tools on Android and iOS to access the files and do bulk downloads. The only way to do it in Windows is in a web browser, one file at a time.

I was then pleasantly surprised to find that this is because Toshiba have opened up the windows space for developers and published the API’s.
Checking out the tools at https://www.flashair-developers.com/en/about/showcase/ I found an awesome tool called snowy.

http://emoacht.github.io/SnowyImageCopy/index.html So far I am very happy with this wifi card, especially on Wifi N band.
I have turned my Canon EOS 5D into an Access Point and it has wifi passthrough so my normal Wifi can stay on (I turn if off when using Snowy).

I can share my files with other peoples devices easily and I can do a bulk download.

Awesome !


Tags: , , , , ,

New Virus in the wild ? (5 Sept 2014)

Whilst using Facebook, followed a link to an external Top 10 “type” photo page and up came a message full screen.

This was a solid white screen to all extremities of the screen. No task bar was showing. Task manager would not work. It was modal.

There was a single line of words in the middle of the screen:

“Windows Locked! Pay WMZ”.


“Windows locked! Your ID is 0xe1c88c76. Send 250 WMZ to ZXXXXXXXXXX and follow instructions.”

windows locked

No amount of Googling this has turned anything up.

Fearing the worst, I had the machines removed from the network immediately.

This has symptoms of a Cryptolocker or Cryptowall type malware but may actually be broken or not fully activated. I have had people look over their files on the network shares and nothing yet appears to be damaged, altered or encrypted.

Looking in the eventlog of the machine and working backwards from when the power was removed I have located a scheduled task that has been injected into the system.

The path to the executable currently contains nothing. The Trend Micro and other security tools have not yet found anything.

I logged all files on the machine that were changed at about the infection time (including prefetch files) and reviewed the internet history and registry entries.

(I note that this file at the same time, looks suspicious \Windows\Installer\{E8863755-AD45-4ABE-87DF-3C4AD785A364}\msiexec.exe)

I have been able to work out that the file came down via Java.

This is a copy of the task that was created :
<?xml version=”1.0″ encoding=”UTF-16″?> <Task version=”1.2″ xmlns=”http://schemas.microsoft.com/windows/2004/02/mit/task”> <RegistrationInfo /> <Triggers> <LogonTrigger id=”Trigger1″> <Enabled>true</Enabled> <UserId>User</UserId> </LogonTrigger> </Triggers> <Settings> <MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy> <DisallowStartIfOnBatteries>true</DisallowStartIfOnBatteries> <StopIfGoingOnBatteries>true</StopIfGoingOnBatteries> <AllowHardTerminate>true</AllowHardTerminate> <StartWhenAvailable>true</StartWhenAvailable> <RunOnlyIfNetworkAvailable>false</RunOnlyIfNetworkAvailable> <IdleSettings> <Duration>PT10M</Duration> <WaitTimeout>PT1H</WaitTimeout> <StopOnIdleEnd>true</StopOnIdleEnd> <RestartOnIdle>false</RestartOnIdle> </IdleSettings> <AllowStartOnDemand>true</AllowStartOnDemand> <Enabled>true</Enabled> <Hidden>true</Hidden> <RunOnlyIfIdle>false</RunOnlyIfIdle> <WakeToRun>false</WakeToRun> <ExecutionTimeLimit>PT72H</ExecutionTimeLimit> <Priority>7</Priority> </Settings> <Actions Context=”Author”> <Exec> <Command>C:\Users\User\AppData\Roaming\bOMPZQrb\tONjafFL\qnuFfTtR\rdNgawxcA.exe</Command> </Exec> </Actions> <Principals> <Principal id=”Author”> <UserId>User</UserId> <LogonType>InteractiveToken</LogonType> <RunLevel>LeastPrivilege</RunLevel> </Principal> </Principals> </Task>

I have uploaded the .tmp files from he users Temporary folders into VirusTotal and nothing yet found.

I am also running an undelete tool over   C:\Users\User\AppData\Roaming\bOMPZQrb\tONjafFL\qnuFfTtR\


I will keep digging and report back. This does seem to be something new.

Tags: , ,

UV Video with a modified DSLR (Preparing to look at skin with sun damage)

Recently there has been a huge interest in my YouTube post using a normal Canon EOS 600D camera and converting it to Full spectrum, then blocking all but UV.
Many enquirers want to find a cheap way to convert a camera and then show how skin is damaged by the sun and how Sun cream blocks the UV Radiation.

There has been so much interest that I thought I would blog about it.

(Example video at the end of this blog)

Firstly, be careful with UV as it is dangerous. My preference is to take photos (and now video) under normal Sunlight.
This obviously rules out indoor photography.

If you modify flashes, install overhead UV lighting (even LED UV lights) be aware you are likely subjecting your model to cancer causing levels of UV.
They should be wearing sunglasses and sun cream (Which is not productive for this kind of work).

You really need full sun direct onto your subject.

Unless you purchase a purpose built UV band pass camera with expensive Quartz lenses, you are going to need to buy various items, have them modified and manually assemble.

There are 2 types of camera modifications I will mention.
  • Converting a camera to Full spectrum
  • Converting a camera to UV only

I have elected to convert my camera to full spectrum as it is cheaper and more useful for other types of photography.
As per my YouTube video (https://www.youtube.com/watch?v=UrvViq2Y7OE), this means someone modified the camera. They open the camera up, remove parts and filters.

Modern cameras are designed to block UV and Infrared. They are built to restrict the captured light to that same light we can naturally see with our eyes. We need to undo all this.
The camera’s sensor is able to see much lower and higher in bandwidth than our eyes.
Once the camera is full spectrum, the sensor is opened up to its full range including the visual spectrum.

This is the first step, modifying the body. The next step is lens selection and UV band pass filters.
If you want contact details for this body modification, I will pass along details for Ehab Eassa whom I have do my work. He can also modify point and shoot cameras.

I have a Canon EOS 600D converted to full spectrum. Many debate that Nikon is better for UV as it is more sensitive but with recent cameras, I think it makes little difference.

If you elect to go to the trouble of converting a camera to UV only (the other option), the final UV image is much crisper. It is a far more expensive process.
It is more rewarding as the images are in greyscale (avoiding the distraction of the pinkish colour from Full spectrum conversions) and the detail is far better with better contrast.
This is because a professional has removed the micro lenses from the sensor. The Micro Lenses are responsible for breaking the detected image up into the colours that will produce a colour image.
They make images colourful but reduce contrast. Removing these mean the sensor can only work with image data in its native format, black and white.
I have contacts that can sell you a camera with this already done to it.


Now, you have your next battle. Lenses.
Since the mid 1980’s, almost all lenses have a multicoating on it to stop light bouncing around inside the lens body causing flaring. It also reduces UV. This coating is on the front of the glass.
The other problem is glass. The more glass elements that are in the lens, the more that UV is reduced.
The more that UV is reduced, the longer your exposure needs to be and the higher the ISO to get an image.
I can’t buy any lenses made for my canon body that will not block UV. All lenses do.
My choices are
  • Take a perfectly good lens and try and buff/scratch the UV multicoating off (The works but will reduce final image contrast).
  • Buy an old lens and fit it with adapters.
  • By a real UV lens made of quartz (Rare and very expensive). Nikon made one for a while.

I have gone with the second option. I have purchased old Enlarger lenses. These lenses are from the film days, used by film developers to expose film, to give you your little packet of photos.
They shine a light through the negative, through this lens, onto the final piece of film.
These lenses needed to be very faithful in reproducing the negative. They have no UV coatings and very few lens elements. They are at limited focal lengths.
I am using the EL Nikkor series of enlarger lenses, purchased from eBay.

I then have an adaptor to mount it to my canon mount.

As the lenses are not for Canon, the focal plane is not aligned with the correct focal distance so I use a bellows to get focus.


Now comes the easy part. You need a Bad pass filter for UV. This blocks all but UV. There is no visible light or IR leaking through my filter. Only UV. Even holding the lens to the sun, I can’t see through it.
I opted to buy a telescope accessory and some step up/step down rings to make it fit my lens. I have a BaaderU filter.

Now, you need to put it all together and can start looking at Video. at this point, this excersie will have easily cost over $1000 AUS/USD.


I note that in live view mode whilst talking a photo, I get a nice clean 720p video image, if I made the ISO high (6400), the shutter slow 8” and manually focus and set the lens to F4 or less (There is no electronic control of the lens settings).
The only issues are the sun reflecting off the live view screen made it hard to view and in live view and if you are not actively taking photos, it shuts off quickly.

In video mode, all the settings are Auto and I can’t see anything at all.
By setting the video mode to manual, I can control the ISO and the video format. I was able to record in 1080p. I also set the style to greyscale.

I now need to concentrate more on focus and use a tripod (You can zoom in in live view to check your focus).

Further experimentation

My other options I have yet to play with are Magic Lantern and recording from live view mode in 720p.

Here are the next steps to explore

Capture 720P HD With Any LiveView Capable Canon Camera

The Canon 600D is supported by magic lantern and has some additional video control
I will note that my sensor is not sensitive enough for high frame rate however, given the budget I am working with, the result is quite good.

Here is an example of what my setup can produce


Tags: , , ,

HP Intelligent Provisioning version 1.16 and Broadcom drivers ……

We have a brand new server on our bench and are using the Gen 8 HP intelligent Provisioning 1.16 and installing Windows server. It copies all the data from the DVD to the new RAID we have created and reboots and then Windows fails to further install, due to a driver error. We figured it was the RAID card we added and slipstreamed the drivers into the OS install and tried again. It failed. We updated all firmware and drivers, still failed.

The failure happens about 45 minutes into the install so each new attempt takes ages to get to the point of failure.

After 5 or 6 hours of messing about, we called on HP. After their attempts to remote in via iLo and their own firmware checks (and under the hood checks) it was still nto installing Windows.

They spent days on it. Finally, we descided to call time on this adventure. We wasted too much time. We insisted it must be the mainboard.

The HP tech turned up and he started his own tests. He also found that it was a driver fault and after digging, worked out that the broadbom network driver was halting everything.

After another 5 or so hours, he finally replaced the motherboard. now it is all fixesd.

His conclusion is that the older firmware on the mainboard (intelligent Provisioning version 1.15) was more accepting of the Broadcom card and allowed everything to work.

So, if anyone strikes this same issue here are my conclusions

1) Call HP carepack team sooner rather than later. They are paid to fix these things and have the resources.

2) Newer firmware does not mean better

3) Get HP to do as much of the work as possible whilst it is under Carepack as this cost us dearly.


Tags: , , ,

Trend Micro TMWF 9 Exchange (Scanmail – Smex) not configurable within the console

When opening the Console, Security Settings, Click the  Exchange server in the list and click “Security Settings” … nothing happens. No popups, no errors, no nothing.

I can’t get into the Antivirus or antispam settings and the agent appears to be offline?

As this console normally opens up http://ExchangeServer:16372/smex/cgiDispatcher.exe?Page=scan/Antispam.htm&Locale=&CurPage=

My first step was to telnet to the Exchange server on port 16372 and, it did not answer.

As Smex runs from within a web server (in my case IIS), I looked at the default website and it  was not running on port 16372.  The port that it was running on did not match the firewall rule.

This means the smex service could not bind to a port when the service starts and as this port did not match the console, I had no hopes of connecting to it.

I change the port in IIS and the firewall rule. Restarted the website and … all fixed !



Tags: ,

Has Cryptolocker Crypted it’s last lock ?

The news is that some smart people have managed to obtain a copy of the database that contains all the Victim’s details. Now, instead of paying for decryption, you can get the decryption for free, self service.

Head on over to this article to read more: http://www.crn.com.au/News/390855,can-this-exploit-beat-cryptolocker.aspx

I don’t think we have seen the end of these types of Malware but at least this proves that the Malware writers are not invincible.