## Solution
this is the exact same binary as tank-game except the free shell function was removed. I didn't write a solver but the only extra steps involve leaking a libc address via the printable strings and performing a ret2libc.