I had an existing Bleichenbacher attack from doing the cryptopals exercises in particular this one: https://cryptopals.com/sets/6/challenges/47 I attached the latest version i used to generate the signed message. It's hardcoded with a particular blinded value because I parallelised the code in two parts (blinding then the other queries) as I was executing the attack and saving the blinded value allowed me to skip a lot of queries. I used https://robotattack.org/ test server functionality to do reconnaissance on CTF servers and find out which TLS alerts I needed to check for. I used crt.sh to find the certificate for the second challenge: https://crt.sh/?spkisha256=ef5da4b82c2945f0b3d726387d9038253dea8216d6572c261b317965b633ffc5 I also tried using https://censys.io/ to try and find the server on my first attempt (before the issue where the wrong cert had been deployed was fixed) because the cert wasn't showing up in the certificate transparency logs so I assumed it was not submitted. censys.io lets you search by modulus and subject public key info and it does it using scans and the last one was done on the 15th. so i was pretty confused about how I was going to find the machine when it wasn't showing up in cert logs or censys scan.