This one takes me between 10-15 minutes on my laptop. Some things to keep in mind:

• If you want to have an implementation with a reasonable runtime you need to attack this byte by byte.
• If you get back a 500 status for every possible byte (0x00 - 0xff) you've done something wrong.
• If you're unfamiliar with PKCS7 padding refer here. Especially important is to remember that "If the original data is a multiple of N bytes, then an extra block of bytes with value N is added".

Good luck!

Hey, the ciphertext in the description of the challenge (c6574d8a54c952a7f298673ee7063c16ecf5f6d6405e2ad74254ff211635e390) gets a 500 error. ??

Means the ciphertext is incomplete?

Can you provide an encrypted message that will not return a 500 error? I believe the server is broken. Change my mind.