We can simplify `pow(p, m, m)*pow(q, m, m) + p*pow(q, m, m) + q*pow(p, m, m) + p*q + pow(p, m-1, m)*pow(q, m-1, m)` as `pow(x, m, m) == x`, and `pow(y, m-1, m) == 1` for all m, so the simplified version is `p*q+p*q+p*q+p*q+1` or just `p*q*4+1`.

This means we know the public key N and e, and can encrypt any plaintext. Luckily doing this 0x20 times is all that's required to get the flag here. To do it correctly with padding, we have to use the PKCS1_OAEP padding scheme.

```python
from Crypto.Cipher import PKCS1_OAEP
from Crypto.PublicKey import RSA
from base64 import b64decode, b64encode
from pwn import remote

r = remote("crypto.byteband.it", 7002)
r.recvline(); r.recvline(); # receive header

for i in range(32): # 32 iterations needed, found by testing
print(i, end=" ")
d = r.recvuntil("Ciphertext (b64encoded) : ").split(b"\n")
plain = b64decode(d[2].split(b" ")[1]) # plaintext is b64encoded in line2
N = int(d[4], 16) # N is in line 4 as hex
m = int(d[5], 16) # (not needed) m is in line 5 as hex
# revert 4*p*q+1
N = (N-1)//4
e = 65537 # given by gen_rsa_key(bits, e=65537)

# just do regular forward encryption
keys = RSA.RsaKey(n=N, e=65537)
encryptor = PKCS1_OAEP.new(keys)
cipher = encryptor.encrypt(plain)
r.send(b64encode(cipher)+b"\n")

# after 32 iterations, print all lines
while(True):
print(r.recvline())
```