Tags: pwn crypto
Rating: 5.0
TL;DR: overflow AES padding into RSA plaintext of AES key, recover AES key via Coppersmith related message attack, decrypt flag. See writeup.
I don't remember