Tags: padding rsa 

Rating: 5.0

tl;dr:
1. Notice each character is encrypted separately
2. There is no random padding added so the same character always gets encrypted the same way
3. Create a lookup table for encryption all 256 bytes and use it to decrypt the flag

Full writeup: https://github.com/p4-team/ctf/tree/master/2019-09-02-tokyowesterns/baby_rsa