Reverse engineering Transbank's KCC

January 28, 2013

Transbank's KCC is the piece of software supplied by the Chilean gateway to integrate with their online payment solution, Webpay. It's written in plain C and runs as a CGI inside your application servers, translating between a simple POST API and the gateway's private protocol.

This presented several issues, mainly:

So I took the challenge of reverse engineering the binaries.

I won't go long on how I managed to perform such a feat, but I learned a whole lot of GDB in doing so, and luckily for me the binaries weren't stripped of their symbols, so breakpointing on key functions and inspecting the stack, along with a bit of imagination, did most of the job.

The good thing is that I finally managed to find out how the communication between Transbank and the KCC worked and implemented a replacement written in pure Ruby, to the joy of the Chilean startup community. I promise to release a summary of the protocol soon, so others can release a replacement for other languages (am I hearing NodeJS or Python?).

Most of this work was performed more than a year ago and the integration has been working on Welcu's servers for around a year, so even though it still has some rough edges, it's usable in production. Sadly, I was unable to release it sooner because of some security concerns that needed to be addressed first, which I'm also going to write about in due time. (Spoiler: it's no coincidence that Transbank released a new version of its KCC around a year ago.)


I'm Co Founder & CTO at Welcu and a Natural born hacker.