Flag plus input is compressed (deflate) and then encrypted (AES CTR). Using the resulting ciphertext length we can guess the flag one character at a time.