TLDR

Recover `plaintext[:16]` via decrypting `ciphertext[:16]`.

With all following blocks:
- Send `b'\x00' * 16` to retrieve IV from `result[16:]` because padding makes plaintext look like `b'\x00' * 32`.
- Recover `plaintext[16:32]` and so on via `ciphertext[16:32] ^ ciphertext[0:16] ^ iv`, `plaintext[32:48] = ciphertext[32:48] ^ ciphertext[16:32] ^ iv` ...

[Original writeup](https://lucaschen1000.github.io/downunder-ctf#ecbc)