From 6d3ca3f56cf2675500cebc3f542d2c06a0cba646 Mon Sep 17 00:00:00 2001
From: Brunon Blok <43315279+brun0ne@users.noreply.github.com>
Date: Thu, 6 Apr 2023 23:31:45 +0000
Subject: [PATCH 1/5] fix xss in addOperation
---
 src/web/waiters/RecipeWaiter.mjs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/web/waiters/RecipeWaiter.mjs b/src/web/waiters/RecipeWaiter.mjs
index 42e763b0..2722a9c2 100755
--- a/src/web/waiters/RecipeWaiter.mjs
+++ b/src/web/waiters/RecipeWaiter.mjs
@@ -396,7 +396,7 @@ class RecipeWaiter {
 const item = document.createElement("li");
 item.classList.add("operation");
- item.innerHTML = name;
+ item.innerHTML = Utils.escapeHtml(name);
 this.buildRecipeOperation(item);
 document.getElementById("rec-list").appendChild(item);
From 12082ba3ccf039d905894136fe13cbf9a8f17421 Mon Sep 17 00:00:00 2001
From: Brunon Blok <43315279+brun0ne@users.noreply.github.com>
Date: Fri, 7 Apr 2023 00:59:51 +0000
Subject: [PATCH 2/5] escape only angle brackets
---
 src/web/waiters/RecipeWaiter.mjs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/web/waiters/RecipeWaiter.mjs b/src/web/waiters/RecipeWaiter.mjs
index 2722a9c2..78a3acba 100755
--- a/src/web/waiters/RecipeWaiter.mjs
+++ b/src/web/waiters/RecipeWaiter.mjs
@@ -396,7 +396,7 @@ class RecipeWaiter {
 const item = document.createElement("li");
 item.classList.add("operation");
- item.innerHTML = Utils.escapeHtml(name);
+ item.innerHTML = name.replace('>', '>', 'g').replace('<', '<', 'g');
 this.buildRecipeOperation(item);
 document.getElementById("rec-list").appendChild(item);
From e9ff8707ed28368d9e3d982f1c8fe95390fab102 Mon Sep 17 00:00:00 2001
From: Brunon Blok <43315279+brun0ne@users.noreply.github.com>
Date: Fri, 7 Apr 2023 01:02:33 +0000
Subject: [PATCH 3/5] comply with eslint
---
 src/web/waiters/RecipeWaiter.mjs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/web/waiters/RecipeWaiter.mjs b/src/web/waiters/RecipeWaiter.mjs
index 78a3acba..aea6633a 100755
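Review bot: In PATCH 1/5, `item.innerHTML = Utils.escapeHtml(name);` still sends `name` through the HTML parser and makes the fix depend on what `escapeHtml` covers; since the list item is only meant to carry the operation name as text, `item.textContent = name;` removes the markup sink altogether. The same applies to the later patches in this series that keep assigning to `innerHTML`. The hunk does not show whether `Utils` is imported in RecipeWaiter.mjs, so that should be confirmed if the escaping variant is kept. The enclosing function starts and ends outside the hunk.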
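Review bot: In PATCH 2/5 the third argument in `name.replace('>', '>', 'g').replace('<', '<', 'g')` is a non-standard flags parameter that current engines ignore, so with a string pattern only the first `>` and the first `<` are replaced and any later angle bracket still reaches `innerHTML` as markup. As shown on this page the replacement strings are also identical to the search strings, which may be an extraction artefact of lost entities and is worth checking against the actual commit. PATCH 3/5 carries the same line forward with only the quoting changed. If escaping is kept, use global regexes and escape the ampersand first, `name.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;")`, or assign with `item.textContent = name;`.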
--- a/src/web/waiters/RecipeWaiter.mjs
+++ b/src/web/waiters/RecipeWaiter.mjs
@@ -396,7 +396,7 @@ class RecipeWaiter {
 const item = document.createElement("li");
 item.classList.add("operation");
- item.innerHTML = name.replace('>', '>', 'g').replace('<', '<', 'g');
+ item.innerHTML = name.replace(">", ">", "g").replace("<", "<", "g");
 this.buildRecipeOperation(item);
 document.getElementById("rec-list").appendChild(item);
From 30f9286ce98ac57b2c9f5b7e889eee3c5491b2e1 Mon Sep 17 00:00:00 2001
From: Brunon Blok <43315279+brun0ne@users.noreply.github.com>
Date: Fri, 7 Apr 2023 12:36:10 +0000
Subject: [PATCH 4/5] different fix
---
 src/web/waiters/RecipeWaiter.mjs | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/web/waiters/RecipeWaiter.mjs b/src/web/waiters/RecipeWaiter.mjs
index aea6633a..8b41b9b0 100755
--- a/src/web/waiters/RecipeWaiter.mjs
+++ b/src/web/waiters/RecipeWaiter.mjs
@@ -396,7 +396,11 @@ class RecipeWaiter {
 const item = document.createElement("li");
 item.classList.add("operation");
- item.innerHTML = name.replace(">", ">", "g").replace("<", "<", "g");
+
+ if (this.app.operations[name] != null) {
+ item.innerHTML = name;
+ }
+
 this.buildRecipeOperation(item);
 document.getElementById("rec-list").appendChild(item);
From 0e0bafdeb6e3d75990c7b8660b53156cc93c13f0 Mon Sep 17 00:00:00 2001
From: sg5506844 <130462468+sg5506844@users.noreply.github.com>
Date: Wed, 12 Apr 2023 11:20:18 +0530
Subject: [PATCH 5/5] Add Bcrypt hash detection to "Analyse hash"
---
 src/core/operations/AnalyseHash.mjs | 11 +++++++++++
 1 file changed, 11 insertions(+)
diff --git a/src/core/operations/AnalyseHash.mjs b/src/core/operations/AnalyseHash.mjs
index 72c80840..ad9202f5 100644
--- a/src/core/operations/AnalyseHash.mjs
+++ b/src/core/operations/AnalyseHash.mjs
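Review bot: In PATCH 4/5 the guard `this.app.operations[name] != null` also passes for inherited keys such as `constructor` or `toString` if `operations` is a plain object, and when it fails the empty list item is still handed to `buildRecipeOperation` and appended to `rec-list`. An own-property check with an early exit keeps unknown names out of the recipe entirely: `if (!Object.prototype.hasOwnProperty.call(this.app.operations, name)) return;` followed by `item.textContent = name;`. With `innerHTML` kept, the fix is only as strong as the assumption that no configured operation name contains markup, which deserves a comment such as `// only names present in the operations config may reach the DOM`. The function's start and end are outside the hunk, so check what callers expect it to return before adding the early return.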
@@ -35,6 +35,17 @@ class AnalyseHash extends Operation {
 run(input, args) {
 input = input.replace(/\s/g, "");
+ // analyze hash if it is bcrypt
+ if (/^\$2[abxy]?\$[0-9]+\$[a-zA-Z0-9/.]{53}$/.test(input)) {
+ input = input.split("$");
+ return "Hash algorithm Identifier: $" + input[1] + "$\n" +
+ "Rounds: " + input[2] + "\n" +
+ "Base64 encoded Input salt(22 bytes): " + input[3].slice(0, 22) + "\n" +
+ "Base64 encoded hash(31 bytes): " + input[3].slice(22) + "\n\n" +
+ "Based on the length, this hash could have been generated by one of the following hashing functions:\n" +
+ "bcrypt";
+ }
+
 let output = "",
 possibleHashFunctions = [];
 const byteLength = input.length / 2,
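Review bot: The output labels in the new bcrypt branch misstate the fields, which matters when this report is used to judge how strong a stored hash is. `input[2]` is the cost factor (the work is 2^cost iterations), not a round count, and the 22- and 31-character fields are bcrypt-Base64 characters encoding a 16-byte salt and a 23-byte hash rather than 22 and 31 bytes. Suggested wording: `"Cost factor (2^n iterations): " + input[2]`, `"Salt (22 chars, bcrypt Base64): "` and `"Hash (31 chars, bcrypt Base64): "`. The cost field is always two digits, so `[0-9]{2}` is tighter than `[0-9]+`, and the reassignment of `input` from string to array would read better as `const parts = input.split("$");`. `run` continues past the end of the hunk.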