Conclusion#
This was an interesting challenge. Learning how to recreating a running operating system with only being able to read files taught me some useful techniques for testing other systems. I see it as attempting to map the contents of a room, but the only visibility the mapper has is peering through a keyhole. I don't know how close my recreation matches the actual environment used by the Challenge, but I'd like to think it is very close.
I'll close with a 'Thank you!' to everyone at SANS and Counter Hack for producing this every year. A special 'thank you' to Ed, for reaching out when I wasn't sure I was even going to participate this year. That contact means more than I can say. May you find an actual Coney Dog somewhere near you.
The files necessary to create the container and the script used to abuse the LFI vulnerability are on my GitHub
A PDF version of this writeup is available here
Only 11 more months until HHC 2022!