This is an attack against the Feeless library: https://github.com/bitclave/Feeless
The design allows a reentrancy attack, see Attacker.sol, when used in more complex systems.
For the full explanation, please read our medium article.
Run npm install to install the necessary dependencies.
The test case contains the full attack. It can be run with truffle test.