Reverse engineering Transbank's KCC

Transbank's KCC is the piece of software supplied by the Chilean gateway to integrate with their online payment solution, Webpay. It's written in plain C and runs as a CGI inside your application servers, translating between a simple POST API and the gateway's private protocol.

This presented several issues, mainly:

  • It's hard to deploy such binaries on modern application servers, and cumbersome to interact with them from languages like Ruby.
  • It represents a security risk to execute software that isn't properly tested and whose source code you don't have access to.

So I took the challenge of reverse engineering the binaries.

I won't go on at length about how I managed to perform such a feat, but I learned a whole lot of GDB in doing so. Luckily for me, the binaries weren't stripped of their symbols, so breakpointing on key functions and inspecting the stack, along with a bit of imagination, did most of the job.

The good thing is that I finally managed to find out how the communication between Transbank and the KCC worked, and implemented a replacement written in pure Ruby, to the joy of the Chilean startup community. I promise to release a summary of the protocol soon, so others can release a replacement for other languages (am I hearing NodeJS or Python?).

Most of this work was performed more than a year ago, and the integration has been working on Welcu's servers for around a year, so even though it still has some rough edges, it's usable in production. Sadly, I was unable to release it sooner because of some security concerns that needed to be addressed first, which I'm also going to write about in due time. (Spoiler: it's no coincidence that Transbank released a new version of its KCC around a year ago.)