TL;DR: overflow AES padding into RSA plaintext of AES key, recover AES key via Coppersmith related message attack, decrypt flag. See [writeup](https://abiondo.me/2018/10/23/hitcon18-secretnote/).