(nice solutions will get extra score, as usual)
This zip file contains a RSA test key pair and two simple bash scripts to sign and verify messages. The scripts are supposed to sign contracts of the form “I owe Bob xxxx Euros. Alice.”
Apparently, for compatibility with legacy systems, the security of the adopted algorithm is pretty poor and Bob has found a way to fool Alice into signing a contract with an amount different from what she expects … can you find out how?