This is exactly same as coffer-overflow-1 from redpwn-2020.
This time the variable has to be overwritten with a specific value instead of any random value.
Using gdb, the distance between the starting address of the buffer and the address of the variable to be overwritten was found to be 44 bytes, so we can have some padding of 44 bytes and then have the magic value in little endian. This worked:
python2 -c "print 'A'*44 + '\xbe\xba\xfe\xca'" | ./pwn-intended-0x2