Tags: rsa twister
1. Recover `n` as `gcd(m^e - encrypt(m))` for several small `m`.
2. Decrypt AES key using last byte provided by `decrypt` command.
3. Recover state of python's PRNG by collecting multiple IV from `encrypt` command.
4. Decrypt the flag using AES key and predicted IV.
This is mixed cipher not Revolutional Secure Angou
Hey, isn't this the solution for Mixed Cipher and not RevolutionalSecureAngou?