Has anyone popped popcorn recently? I started it yesterday and got as far as www-data shell easily enough. I see there's an exploit for PAM MOTD which I tried but am asked for a password for www-data account which I don't have. I also don't have a password for george.
I figured that would be my next step but for some reason (it was late and I was feeling lazy...) I checked the write ups by ipp and arrexel and there's no mention of needing a password when they run the same exploit.
There's also no mention of using the file renamer PHP script at /index.php but maybe that's just the way they did it.
I'm just wondering really, has this box been changed since release/write up or is just something slightly different that I'm doing?
In more general terms, do boxes ever get modified after release?