Base 64 is too mainstream but we could not manage to decide on the final encoding scheme…

There is a server at that answers Method Not Allowed.
By doing a POST request we obtain Param 'sample' is expected"

Let’s try to send this parameter:

$ curl -X POST '' -d "sample=aabbcc"
Your encrypted sample is ᰳ緩֒ and the flag is 𐅬𒨲揑棂횐⠎ń䳣輫𓶂Ƨ !

This program writes the sample and the flag in hexadecimal:

#include <stdio.h>
#include <string.h>

int main(){
    int c,i;
    unsigned char buf[100000];
    int end2=i;
    unsigned char *my = buf+25;
    unsigned char *myend = memmem(buf,100000," and the",8);
    int eq=0;
    int len = myend-my;
    unsigned char *flag = my+len+17;
    int len2 = end2-(flag-buf);
    for(i=0;i<len;i++)printf("%02x ",my[i]);
    for(i=0;i<len2;i++)printf("%02x ",flag[i]);
$ curl -X POST '' -d "sample=aabbcc" | ./tohex
e4 81 be e0 aa aa e1 8a b4 
eb a4 bc e1 ab a6 f0 95 94 95 f0 95 a5 b7 f0 94 a1 83 e5 bf 88 f0 95 87 9d eb 96 a3 e9 ae a7 e6 a6 b3 e6 82 84 20 21

By trying some inputs, we can see that some patterns repeat: aaaaaaaa
aa|aa|aa|aa: f0 93 bd 86 | f0 93 bd 86 | f0 93 bd 86 | f0 93 bd 86

aabb|aabb: ed 83 98 eb 8d 82 | ed 83 98 eb 8d 82

aabbcc|aabbcc: e1 9e a1 eb 97 9d c8 b7 | e1 9e a1 eb 97 9d c8 b7

We can notice that the same pair of character corresponds to the same output. So we can precompute a table with all possible encrypted values by performing a request for all pairs of letters and then use the precomputed values to decrypt the flag.

By sending a request containing the sample ...AA112211AB112211AC112211AD112211AE112....zz112211 we obtain something containing a repeating pattern (e7 b3 b4 e1 a1 80 e7 b3 b4 in our case) that correspond to 112211 so we can split the string on it and recover the encrypted value for each pair from AA to zz.

$ curl -X POST '' -d "sample=AA112211AB1..." | ./tohex > out
$ cat out | ./aaa | sed 's/e7 b3 b4 e1 a1 80 e7 b3 b4/\n/g' > output1
$ paste list_of_pairs output1 > solution_list
AA  f0 93 81 9a 
AB  e5 93 b7 
AC  e9 bd bf 
AD  ec 99 9b 
AE  f0 93 97 a9 
AF  f0 96 b3 b6 
AG  f0 96 a9 ae 
AH  e2 85 97 
AI  ef 94 b1 
AJ  e9 9d 84 

The flag sent by the server is:

e8 89 bd e1 96 bf f0 91 b5 8d ee 9e bf e4 88 9c f0 91 b7 a2 e1 80 9f ea a2 bc f0 97 b6 bd ec 9a 93 eb ba 8f 20 21 0a 0

Now we can decrypt it by searching in the solution list, for example we can search e8 89 bd and notice that the flag starts with IN.

$ cat solution_list | grep "e8 89 bd"
IN  e8 89 bd