From 3e7738931522e18b2c23f4f6126ee76b67488aea Mon Sep 17 00:00:00 2001
From: Sarah Jamie Lewis <sarah@openprivacy.ca>
Date: Thu, 29 Apr 2021 11:46:40 -0700
Subject: [PATCH] Fuzzbot Prototype + Various API Upgrades

---
 .gitignore             |   1 +
 bot.go                 |  21 ++
 cmd/echobot/main.go    |   5 +-
 cmd/fuzzbot/blns.json  | 517 +++++++++++++++++++++++++++++++++++++++++
 cmd/fuzzbot/fuzzbot.go | 114 +++++++++
 go.mod                 |   6 +-
 go.sum                 |  29 +++
 7 files changed, 689 insertions(+), 4 deletions(-)
 create mode 100644 .gitignore
 create mode 100644 cmd/fuzzbot/blns.json
 create mode 100644 cmd/fuzzbot/fuzzbot.go

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..9f11b75
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+.idea/
diff --git a/bot.go b/bot.go
index cd71c12..6a3eb46 100644
--- a/bot.go
+++ b/bot.go
@@ -7,6 +7,7 @@ import (
 	"cwtch.im/cwtch/event"
 	"cwtch.im/cwtch/peer"
 	"encoding/base64"
+	"encoding/json"
 	"git.openprivacy.ca/openprivacy/connectivity"
 	"git.openprivacy.ca/openprivacy/connectivity/tor"
 	"git.openprivacy.ca/openprivacy/log"
@@ -32,6 +33,25 @@ func NewCwtchBot(userdir string, peername string) *CwtchBot {
 	return cb
 }
 
+type MessageWrapper struct {
+	Overlay int `json:"o"`
+	Data string `json:"d"`
+}
+
+func (cb * CwtchBot) PackMessage(overlay int, message string) []byte {
+	mw := new(MessageWrapper)
+	mw.Overlay = overlay
+	mw.Data = message
+	data,_ := json.Marshal(mw)
+	return data
+}
+
+func (cb * CwtchBot) UnpackMessage(message string) MessageWrapper {
+	mw := new(MessageWrapper)
+	json.Unmarshal([]byte(message), mw)
+	return *mw
+}
+
 func (cb *CwtchBot) Launch() {
 	mrand.Seed(int64(time.Now().Nanosecond()))
 	port := mrand.Intn(1000) + 9600
@@ -75,6 +95,7 @@ func (cb *CwtchBot) Launch() {
 		eb.Subscribe(event.SendMessageToPeerError, cb.Queue)
 		eb.Subscribe(event.ServerStateChange, cb.Queue)
 		eb.Subscribe(event.PeerStateChange, cb.Queue)
+		eb.Subscribe(event.NewGetValMessageFromPeer,cb.Queue)
 		time.Sleep(time.Second * 4)
 	}
 	app.LaunchPeers()
diff --git a/cmd/echobot/main.go b/cmd/echobot/main.go
index fe82401..659bc41 100644
--- a/cmd/echobot/main.go
+++ b/cmd/echobot/main.go
@@ -29,7 +29,10 @@ func main() {
 		case event.NewMessageFromPeer:
 			log.Infof("New Event: %v", message)
 			cwtchbot.Queue.Publish(event.NewEvent(event.PeerAcknowledgement, map[event.Field]string{event.EventID: message.EventID, event.RemotePeer: message.Data[event.RemotePeer]}))
-			cwtchbot.Peer.SendMessageToPeer(message.Data[event.RemotePeer], message.Data[event.Data])
+			msg := cwtchbot.UnpackMessage(message.Data[event.Data])
+			log.Infof("Message: %v", msg)
+			reply := string(cwtchbot.PackMessage(msg.Overlay, msg.Data))
+			cwtchbot.Peer.SendMessageToPeer(message.Data[event.RemotePeer], reply)
 		case event.PeerStateChange:
 			state := message.Data[event.ConnectionState]
 			if state == connections.ConnectionStateName[connections.AUTHENTICATED] {
diff --git a/cmd/fuzzbot/blns.json b/cmd/fuzzbot/blns.json
new file mode 100644
index 0000000..bfb195f
--- /dev/null
+++ b/cmd/fuzzbot/blns.json
@@ -0,0 +1,517 @@
+[
+  "", 
+  "undefined", 
+  "undef", 
+  "null", 
+  "NULL", 
+  "(null)", 
+  "nil", 
+  "NIL", 
+  "true", 
+  "false", 
+  "True", 
+  "False", 
+  "TRUE", 
+  "FALSE", 
+  "None", 
+  "hasOwnProperty", 
+  "then", 
+  "\\", 
+  "\\\\", 
+  "0", 
+  "1", 
+  "1.00", 
+  "$1.00", 
+  "1/2", 
+  "1E2", 
+  "1E02", 
+  "1E+02", 
+  "-1", 
+  "-1.00", 
+  "-$1.00", 
+  "-1/2", 
+  "-1E2", 
+  "-1E02", 
+  "-1E+02", 
+  "1/0", 
+  "0/0", 
+  "-2147483648/-1", 
+  "-9223372036854775808/-1", 
+  "-0", 
+  "-0.0", 
+  "+0", 
+  "+0.0", 
+  "0.00", 
+  "0..0", 
+  ".", 
+  "0.0.0", 
+  "0,00", 
+  "0,,0", 
+  ",", 
+  "0,0,0", 
+  "0.0/0", 
+  "1.0/0.0", 
+  "0.0/0.0", 
+  "1,0/0,0", 
+  "0,0/0,0", 
+  "--1", 
+  "-", 
+  "-.", 
+  "-,", 
+  "999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999", 
+  "NaN", 
+  "Infinity", 
+  "-Infinity", 
+  "INF", 
+  "1#INF", 
+  "-1#IND", 
+  "1#QNAN", 
+  "1#SNAN", 
+  "1#IND", 
+  "0x0", 
+  "0xffffffff", 
+  "0xffffffffffffffff", 
+  "0xabad1dea", 
+  "123456789012345678901234567890123456789", 
+  "1,000.00", 
+  "1 000.00", 
+  "1'000.00", 
+  "1,000,000.00", 
+  "1 000 000.00", 
+  "1'000'000.00", 
+  "1.000,00", 
+  "1 000,00", 
+  "1'000,00", 
+  "1.000.000,00", 
+  "1 000 000,00", 
+  "1'000'000,00", 
+  "01000", 
+  "08", 
+  "09", 
+  "2.2250738585072011e-308", 
+  ",./;'[]\\-=", 
+  "<>?:\"{}|_+", 
+  "!@#$%^&*()`~", 
+  "\u0001\u0002\u0003\u0004\u0005\u0006\u0007\b\u000e\u000f\u0010\u0011\u0012\u0013\u0014\u0015\u0016\u0017\u0018\u0019\u001a\u001b\u001c\u001d\u001e\u001f", 
+  "€‚ƒ„†‡ˆ‰Š‹ŒŽ‘’“”•–—˜™š›œžŸ", 
+  "\t\u000b\f …             ​

  　", 
+  "­؀؁؂؃؄؅؜۝܏᠎​‌‍‎‏‪‫‬‭‮⁠⁡⁢⁣⁤⁦⁧⁨⁩𑂽𛲠𛲡𛲢𛲣𝅳𝅴𝅵𝅶𝅷𝅸𝅹𝅺󠀁󠀠󠀡󠀢󠀣󠀤󠀥󠀦󠀧󠀨󠀩󠀪󠀫󠀬󠀭󠀮󠀯󠀰󠀱󠀲󠀳󠀴󠀵󠀶󠀷󠀸󠀹󠀺󠀻󠀼󠀽󠀾󠀿󠁀󠁁󠁂󠁃󠁄󠁅󠁆󠁇󠁈󠁉󠁊󠁋󠁌󠁍󠁎󠁏󠁐󠁑󠁒󠁓󠁔󠁕󠁖󠁗󠁘󠁙󠁚󠁛󠁜󠁝󠁞󠁟󠁠󠁡󠁢󠁣󠁤󠁥󠁦󠁧󠁨󠁩󠁪󠁫󠁬󠁭󠁮󠁯󠁰󠁱󠁲󠁳󠁴󠁵󠁶󠁷󠁸󠁹󠁺󠁻󠁼󠁽󠁾󠁿", 
+  "", 
+  "￾", 
+  "Ω≈ç√∫˜µ≤≥÷", 
+  "åß∂ƒ©˙∆˚¬…æ", 
+  "œ∑´®†¥¨ˆøπ“‘", 
+  "¡™£¢∞§¶•ªº–≠", 
+  "¸˛Ç◊ı˜Â¯˘¿", 
+  "ÅÍÎÏ˝ÓÔÒÚÆ☃", 
+  "Œ„´‰ˇÁ¨ˆØ∏”’", 
+  "`⁄€‹›fifl‡°·‚—±", 
+  "⅛⅜⅝⅞", 
+  "ЁЂЃЄЅІЇЈЉЊЋЌЍЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫЬЭЮЯабвгдежзийклмнопрстуфхцчшщъыьэюя", 
+  "٠١٢٣٤٥٦٧٨٩", 
+  "⁰⁴⁵", 
+  "₀₁₂", 
+  "⁰⁴⁵₀₁₂", 
+  "ด้้้้้็็็็็้้้้้็็็็็้้้้้้้้็็็็็้้้้้็็็็็้้้้้้้้็็็็็้้้้้็็็็็้้้้้้้้็็็็็้้้้้็็็็ ด้้้้้็็็็็้้้้้็็็็็้้้้้้้้็็็็็้้้้้็็็็็้้้้้้้้็็็็็้้้้้็็็็็้้้้้้้้็็็็็้้้้้็็็็ ด้้้้้็็็็็้้้้้็็็็็้้้้้้้้็็็็็้้้้้็็็็็้้้้้้้้็็็็็้้้้้็็็็็้้้้้้้้็็็็็้้้้้็็็็", 
+  "'", 
+  "\"", 
+  "''", 
+  "\"\"", 
+  "'\"'", 
+  "\"''''\"'\"", 
+  "\"'\"'\"''''\"", 
+  "<foo val=“bar” />", 
+  "<foo val=“bar” />", 
+  "<foo val=”bar“ />", 
+  "<foo val=`bar' />", 
+  "田中さんにあげて下さい", 
+  "パーティーへ行かないか", 
+  "和製漢語", 
+  "部落格", 
+  "사회과학원 어학연구소", 
+  "찦차를 타고 온 펲시맨과 쑛다리 똠방각하", 
+  "社會科學院語學研究所", 
+  "울란바토르", 
+  "𠜎𠜱𠝹𠱓𠱸𠲖𠳏", 
+  "𐐜 𐐔𐐇𐐝𐐀𐐡𐐇𐐓 𐐙𐐊𐐡𐐝𐐓/𐐝𐐇𐐗𐐊𐐤𐐔 𐐒𐐋𐐗 𐐒𐐌 𐐜 𐐡𐐀𐐖𐐇𐐤𐐓𐐝 𐐱𐑂 𐑄 𐐔𐐇𐐝𐐀𐐡𐐇𐐓 𐐏𐐆𐐅𐐤𐐆𐐚𐐊𐐡𐐝𐐆𐐓𐐆",
+  "表ポあA鷗ŒéＢ逍Üߪąñ丂㐀𠀀", 
+  "Ⱥ", 
+  "Ⱦ", 
+  "ヽ༼ຈل͜ຈ༽ﾉ ヽ༼ຈل͜ຈ༽ﾉ", 
+  "(｡◕ ∀ ◕｡)", 
+  "｀ｨ(´∀｀∩", 
+  "__ﾛ(,_,*)", 
+  "・(￣∀￣)・:*:", 
+  "ﾟ･✿ヾ╲(｡◕‿◕｡)╱✿･ﾟ", 
+  ",。・:*:・゜’( ☻ ω ☻ )。・:*:・゜’", 
+  "(╯°□°）╯︵ ┻━┻)", 
+  "(ﾉಥ益ಥ）ﾉ ┻━┻", 
+  "┬─┬ノ( º _ ºノ)", 
+  "( ͡° ͜ʖ ͡°)", 
+  "¯\\_(ツ)_/¯", 
+  "😍", 
+  "👩🏽", 
+  "👨‍🦰 👨🏿‍🦰 👨‍🦱 👨🏿‍🦱 🦹🏿‍♂️", 
+  "👾 🙇 💁 🙅 🙆 🙋 🙎 🙍", 
+  "🐵 🙈 🙉 🙊", 
+  "❤️ 💔 💌 💕 💞 💓 💗 💖 💘 💝 💟 💜 💛 💚 💙", 
+  "✋🏿 💪🏿 👐🏿 🙌🏿 👏🏿 🙏🏿", 
+  "👨‍👩‍👦 👨‍👩‍👧‍👦 👨‍👨‍👦 👩‍👩‍👧 👨‍👦 👨‍👧‍👦 👩‍👦 👩‍👧‍👦", 
+  "🚾 🆒 🆓 🆕 🆖 🆗 🆙 🏧", 
+  "0️⃣ 1️⃣ 2️⃣ 3️⃣ 4️⃣ 5️⃣ 6️⃣ 7️⃣ 8️⃣ 9️⃣ 🔟", 
+  "🇺🇸🇷🇺🇸 🇦🇫🇦🇲🇸", 
+  "🇺🇸🇷🇺🇸🇦🇫🇦🇲", 
+  "🇺🇸🇷🇺🇸🇦", 
+  "１２３", 
+  "١٢٣", 
+  "ثم نفس سقطت وبالتحديد،, جزيرتي باستخدام أن دنو. إذ هنا؟ الستار وتنصيب كان. أهّل ايطاليا، بريطانيا-فرنسا قد أخذ. سليمان، إتفاقية بين ما, يذكر الحدود أي بعد, معاملة بولندا، الإطلاق عل إيو.", 
+  "בְּרֵאשִׁית, בָּרָא אֱלֹהִים, אֵת הַשָּׁמַיִם, וְאֵת הָאָרֶץ", 
+  "הָיְתָהtestالصفحات التّحول", 
+  "﷽", 
+  "ﷺ",
+  "مُنَاقَشَةُ سُبُلِ اِسْتِخْدَامِ اللُّغَةِ فِي النُّظُمِ الْقَائِمَةِ وَفِيم يَخُصَّ التَّطْبِيقَاتُ الْحاسُوبِيَّةُ، ", 
+  "᚛ᚄᚓᚐᚋᚒᚄ ᚑᚄᚂᚑᚏᚅ᚜‪‪‪", 
+  "‪‪᚛                 ᚜‪",
+  "‪‪test‪", 
+  "‫test‫", 
+  "
test
", 
+  "test⁠test‫", 
+  "⁦test⁧", 
+  "Ṱ̺̺̕o͞ ̷i̲̬͇̪͙n̝̗͕v̟̜̘̦͟o̶̙̰̠kè͚̮̺̪̹̱̤ ̖t̝͕̳̣̻̪͞h̼͓̲̦̳̘̲e͇̣̰̦̬͎ ̢̼̻̱̘h͚͎͙̜̣̲ͅi̦̲̣̰̤v̻͍e̺̭̳̪̰-m̢iͅn̖̺̞̲̯̰d̵̼̟͙̩̼̘̳ ̞̥̱̳̭r̛̗̘e͙p͠r̼̞̻̭̗e̺̠̣͟s̘͇̳͍̝͉e͉̥̯̞̲͚̬͜ǹ̬͎͎̟̖͇̤t͍̬̤͓̼̭͘ͅi̪̱n͠g̴͉ ͏͉ͅc̬̟h͡a̫̻̯͘o̫̟̖͍̙̝͉s̗̦̲.̨̹͈̣", 
+  "̡͓̞ͅI̗̘̦͝n͇͇͙v̮̫ok̲̫̙͈i̖͙̭̹̠̞n̡̻̮̣̺g̲͈͙̭͙̬͎ ̰t͔̦h̞̲e̢̤ ͍̬̲͖f̴̘͕̣è͖ẹ̥̩l͖͔͚i͓͚̦͠n͖͍̗͓̳̮g͍ ̨o͚̪͡f̘̣̬ ̖̘͖̟͙̮c҉͔̫͖͓͇͖ͅh̵̤̣͚͔á̗̼͕ͅo̼̣̥s̱͈̺̖̦̻͢.̛̖̞̠̫̰", 
+  "̗̺͖̹̯͓Ṯ̤͍̥͇͈h̲́e͏͓̼̗̙̼̣͔ ͇̜̱̠͓͍ͅN͕͠e̗̱z̘̝̜̺͙p̤̺̹͍̯͚e̠̻̠͜r̨̤͍̺̖͔̖̖d̠̟̭̬̝͟i̦͖̩͓͔̤a̠̗̬͉̙n͚͜ ̻̞̰͚ͅh̵͉i̳̞v̢͇ḙ͎͟-҉̭̩̼͔m̤̭̫i͕͇̝̦n̗͙ḍ̟ ̯̲͕͞ǫ̟̯̰̲͙̻̝f ̪̰̰̗̖̭̘͘c̦͍̲̞͍̩̙ḥ͚a̮͎̟̙͜ơ̩̹͎s̤.̝̝ ҉Z̡̖̜͖̰̣͉̜a͖̰͙̬͡l̲̫̳͍̩g̡̟̼̱͚̞̬ͅo̗͜.̟", 
+  "̦H̬̤̗̤͝e͜ ̜̥̝̻͍̟́w̕h̖̯͓o̝͙̖͎̱̮ ҉̺̙̞̟͈W̷̼̭a̺̪͍į͈͕̭͙̯̜t̶̼̮s̘͙͖̕ ̠̫̠B̻͍͙͉̳ͅe̵h̵̬͇̫͙i̹͓̳̳̮͎̫̕n͟d̴̪̜̖ ̰͉̩͇͙̲͞ͅT͖̼͓̪͢h͏͓̮̻e̬̝̟ͅ ̤̹̝W͙̞̝͔͇͝ͅa͏͓͔̹̼̣l̴͔̰̤̟͔ḽ̫.͕", 
+  "Z̮̞̠͙͔ͅḀ̗̞͈̻̗Ḷ͙͎̯̹̞͓G̻O̭̗̮", 
+  "˙ɐnbᴉlɐ ɐuƃɐɯ ǝɹolop ʇǝ ǝɹoqɐl ʇn ʇunpᴉpᴉɔuᴉ ɹodɯǝʇ poɯsnᴉǝ op pǝs 'ʇᴉlǝ ƃuᴉɔsᴉdᴉpɐ ɹnʇǝʇɔǝsuoɔ 'ʇǝɯɐ ʇᴉs ɹolop ɯnsdᴉ ɯǝɹo˥", 
+  "00˙Ɩ$-", 
+  "Ｔｈｅ ｑｕｉｃｋ ｂｒｏｗｎ ｆｏｘ ｊｕｍｐｓ ｏｖｅｒ ｔｈｅ ｌａｚｙ ｄｏｇ", 
+  "𝐓𝐡𝐞 𝐪𝐮𝐢𝐜𝐤 𝐛𝐫𝐨𝐰𝐧 𝐟𝐨𝐱 𝐣𝐮𝐦𝐩𝐬 𝐨𝐯𝐞𝐫 𝐭𝐡𝐞 𝐥𝐚𝐳𝐲 𝐝𝐨𝐠", 
+  "𝕿𝖍𝖊 𝖖𝖚𝖎𝖈𝖐 𝖇𝖗𝖔𝖜𝖓 𝖋𝖔𝖝 𝖏𝖚𝖒𝖕𝖘 𝖔𝖛𝖊𝖗 𝖙𝖍𝖊 𝖑𝖆𝖟𝖞 𝖉𝖔𝖌", 
+  "𝑻𝒉𝒆 𝒒𝒖𝒊𝒄𝒌 𝒃𝒓𝒐𝒘𝒏 𝒇𝒐𝒙 𝒋𝒖𝒎𝒑𝒔 𝒐𝒗𝒆𝒓 𝒕𝒉𝒆 𝒍𝒂𝒛𝒚 𝒅𝒐𝒈", 
+  "𝓣𝓱𝓮 𝓺𝓾𝓲𝓬𝓴 𝓫𝓻𝓸𝔀𝓷 𝓯𝓸𝔁 𝓳𝓾𝓶𝓹𝓼 𝓸𝓿𝓮𝓻 𝓽𝓱𝓮 𝓵𝓪𝔃𝔂 𝓭𝓸𝓰", 
+  "𝕋𝕙𝕖 𝕢𝕦𝕚𝕔𝕜 𝕓𝕣𝕠𝕨𝕟 𝕗𝕠𝕩 𝕛𝕦𝕞𝕡𝕤 𝕠𝕧𝕖𝕣 𝕥𝕙𝕖 𝕝𝕒𝕫𝕪 𝕕𝕠𝕘", 
+  "𝚃𝚑𝚎 𝚚𝚞𝚒𝚌𝚔 𝚋𝚛𝚘𝚠𝚗 𝚏𝚘𝚡 𝚓𝚞𝚖𝚙𝚜 𝚘𝚟𝚎𝚛 𝚝𝚑𝚎 𝚕𝚊𝚣𝚢 𝚍𝚘𝚐", 
+  "⒯⒣⒠ ⒬⒰⒤⒞⒦ ⒝⒭⒪⒲⒩ ⒡⒪⒳ ⒥⒰⒨⒫⒮ ⒪⒱⒠⒭ ⒯⒣⒠ ⒧⒜⒵⒴ ⒟⒪⒢", 
+  "<script>alert(123)</script>", 
+  "&lt;script&gt;alert(&#39;123&#39;);&lt;/script&gt;", 
+  "<img src=x onerror=alert(123) />", 
+  "<svg><script>123<1>alert(123)</script>", 
+  "\"><script>alert(123)</script>", 
+  "'><script>alert(123)</script>", 
+  "><script>alert(123)</script>", 
+  "</script><script>alert(123)</script>", 
+  "< / script >< script >alert(123)< / script >", 
+  " onfocus=JaVaSCript:alert(123) autofocus", 
+  "\" onfocus=JaVaSCript:alert(123) autofocus", 
+  "' onfocus=JaVaSCript:alert(123) autofocus", 
+  "＜script＞alert(123)＜/script＞", 
+  "<sc<script>ript>alert(123)</sc</script>ript>", 
+  "--><script>alert(123)</script>", 
+  "\";alert(123);t=\"", 
+  "';alert(123);t='", 
+  "JavaSCript:alert(123)", 
+  ";alert(123);", 
+  "src=JaVaSCript:prompt(132)", 
+  "\"><script>alert(123);</script x=\"", 
+  "'><script>alert(123);</script x='", 
+  "><script>alert(123);</script x=", 
+  "\" autofocus onkeyup=\"javascript:alert(123)", 
+  "' autofocus onkeyup='javascript:alert(123)", 
+  "<script\\x20type=\"text/javascript\">javascript:alert(1);</script>", 
+  "<script\\x3Etype=\"text/javascript\">javascript:alert(1);</script>", 
+  "<script\\x0Dtype=\"text/javascript\">javascript:alert(1);</script>", 
+  "<script\\x09type=\"text/javascript\">javascript:alert(1);</script>", 
+  "<script\\x0Ctype=\"text/javascript\">javascript:alert(1);</script>", 
+  "<script\\x2Ftype=\"text/javascript\">javascript:alert(1);</script>", 
+  "<script\\x0Atype=\"text/javascript\">javascript:alert(1);</script>", 
+  "'`\"><\\x3Cscript>javascript:alert(1)</script>", 
+  "'`\"><\\x00script>javascript:alert(1)</script>", 
+  "ABC<div style=\"x\\x3Aexpression(javascript:alert(1)\">DEF", 
+  "ABC<div style=\"x:expression\\x5C(javascript:alert(1)\">DEF", 
+  "ABC<div style=\"x:expression\\x00(javascript:alert(1)\">DEF", 
+  "ABC<div style=\"x:exp\\x00ression(javascript:alert(1)\">DEF", 
+  "ABC<div style=\"x:exp\\x5Cression(javascript:alert(1)\">DEF", 
+  "ABC<div style=\"x:\\x0Aexpression(javascript:alert(1)\">DEF", 
+  "ABC<div style=\"x:\\x09expression(javascript:alert(1)\">DEF", 
+  "ABC<div style=\"x:\\xE3\\x80\\x80expression(javascript:alert(1)\">DEF", 
+  "ABC<div style=\"x:\\xE2\\x80\\x84expression(javascript:alert(1)\">DEF", 
+  "ABC<div style=\"x:\\xC2\\xA0expression(javascript:alert(1)\">DEF", 
+  "ABC<div style=\"x:\\xE2\\x80\\x80expression(javascript:alert(1)\">DEF", 
+  "ABC<div style=\"x:\\xE2\\x80\\x8Aexpression(javascript:alert(1)\">DEF", 
+  "ABC<div style=\"x:\\x0Dexpression(javascript:alert(1)\">DEF", 
+  "ABC<div style=\"x:\\x0Cexpression(javascript:alert(1)\">DEF", 
+  "ABC<div style=\"x:\\xE2\\x80\\x87expression(javascript:alert(1)\">DEF", 
+  "ABC<div style=\"x:\\xEF\\xBB\\xBFexpression(javascript:alert(1)\">DEF", 
+  "ABC<div style=\"x:\\x20expression(javascript:alert(1)\">DEF", 
+  "ABC<div style=\"x:\\xE2\\x80\\x88expression(javascript:alert(1)\">DEF", 
+  "ABC<div style=\"x:\\x00expression(javascript:alert(1)\">DEF", 
+  "ABC<div style=\"x:\\xE2\\x80\\x8Bexpression(javascript:alert(1)\">DEF", 
+  "ABC<div style=\"x:\\xE2\\x80\\x86expression(javascript:alert(1)\">DEF", 
+  "ABC<div style=\"x:\\xE2\\x80\\x85expression(javascript:alert(1)\">DEF", 
+  "ABC<div style=\"x:\\xE2\\x80\\x82expression(javascript:alert(1)\">DEF", 
+  "ABC<div style=\"x:\\x0Bexpression(javascript:alert(1)\">DEF", 
+  "ABC<div style=\"x:\\xE2\\x80\\x81expression(javascript:alert(1)\">DEF", 
+  "ABC<div style=\"x:\\xE2\\x80\\x83expression(javascript:alert(1)\">DEF", 
+  "ABC<div style=\"x:\\xE2\\x80\\x89expression(javascript:alert(1)\">DEF", 
+  "<a href=\"\\x0Bjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x0Fjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\xC2\\xA0javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x05javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\xE1\\xA0\\x8Ejavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x18javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x11javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\xE2\\x80\\x88javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\xE2\\x80\\x89javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\xE2\\x80\\x80javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x17javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x03javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x0Ejavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x1Ajavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x00javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x10javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\xE2\\x80\\x82javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x20javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x13javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x09javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\xE2\\x80\\x8Ajavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x14javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x19javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\xE2\\x80\\xAFjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x1Fjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\xE2\\x80\\x81javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x1Djavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\xE2\\x80\\x87javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x07javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\xE1\\x9A\\x80javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\xE2\\x80\\x83javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x04javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x01javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x08javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\xE2\\x80\\x84javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\xE2\\x80\\x86javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\xE3\\x80\\x80javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x12javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x0Djavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x0Ajavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x0Cjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x15javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\xE2\\x80\\xA8javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x16javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x02javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x1Bjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x06javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\xE2\\x80\\xA9javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\xE2\\x80\\x85javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x1Ejavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\xE2\\x81\\x9Fjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"\\x1Cjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"javascript\\x00:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"javascript\\x3A:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"javascript\\x09:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"javascript\\x0D:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "<a href=\"javascript\\x0A:javascript:alert(1)\" id=\"fuzzelement1\">test</a>", 
+  "`\"'><img src=xxx:x \\x0Aonerror=javascript:alert(1)>", 
+  "`\"'><img src=xxx:x \\x22onerror=javascript:alert(1)>", 
+  "`\"'><img src=xxx:x \\x0Bonerror=javascript:alert(1)>", 
+  "`\"'><img src=xxx:x \\x0Donerror=javascript:alert(1)>", 
+  "`\"'><img src=xxx:x \\x2Fonerror=javascript:alert(1)>", 
+  "`\"'><img src=xxx:x \\x09onerror=javascript:alert(1)>", 
+  "`\"'><img src=xxx:x \\x0Conerror=javascript:alert(1)>", 
+  "`\"'><img src=xxx:x \\x00onerror=javascript:alert(1)>", 
+  "`\"'><img src=xxx:x \\x27onerror=javascript:alert(1)>", 
+  "`\"'><img src=xxx:x \\x20onerror=javascript:alert(1)>", 
+  "\"`'><script>\\x3Bjavascript:alert(1)</script>", 
+  "\"`'><script>\\x0Djavascript:alert(1)</script>", 
+  "\"`'><script>\\xEF\\xBB\\xBFjavascript:alert(1)</script>", 
+  "\"`'><script>\\xE2\\x80\\x81javascript:alert(1)</script>", 
+  "\"`'><script>\\xE2\\x80\\x84javascript:alert(1)</script>", 
+  "\"`'><script>\\xE3\\x80\\x80javascript:alert(1)</script>", 
+  "\"`'><script>\\x09javascript:alert(1)</script>", 
+  "\"`'><script>\\xE2\\x80\\x89javascript:alert(1)</script>", 
+  "\"`'><script>\\xE2\\x80\\x85javascript:alert(1)</script>", 
+  "\"`'><script>\\xE2\\x80\\x88javascript:alert(1)</script>", 
+  "\"`'><script>\\x00javascript:alert(1)</script>", 
+  "\"`'><script>\\xE2\\x80\\xA8javascript:alert(1)</script>", 
+  "\"`'><script>\\xE2\\x80\\x8Ajavascript:alert(1)</script>", 
+  "\"`'><script>\\xE1\\x9A\\x80javascript:alert(1)</script>", 
+  "\"`'><script>\\x0Cjavascript:alert(1)</script>", 
+  "\"`'><script>\\x2Bjavascript:alert(1)</script>", 
+  "\"`'><script>\\xF0\\x90\\x96\\x9Ajavascript:alert(1)</script>", 
+  "\"`'><script>-javascript:alert(1)</script>", 
+  "\"`'><script>\\x0Ajavascript:alert(1)</script>", 
+  "\"`'><script>\\xE2\\x80\\xAFjavascript:alert(1)</script>", 
+  "\"`'><script>\\x7Ejavascript:alert(1)</script>", 
+  "\"`'><script>\\xE2\\x80\\x87javascript:alert(1)</script>", 
+  "\"`'><script>\\xE2\\x81\\x9Fjavascript:alert(1)</script>", 
+  "\"`'><script>\\xE2\\x80\\xA9javascript:alert(1)</script>", 
+  "\"`'><script>\\xC2\\x85javascript:alert(1)</script>", 
+  "\"`'><script>\\xEF\\xBF\\xAEjavascript:alert(1)</script>", 
+  "\"`'><script>\\xE2\\x80\\x83javascript:alert(1)</script>", 
+  "\"`'><script>\\xE2\\x80\\x8Bjavascript:alert(1)</script>", 
+  "\"`'><script>\\xEF\\xBF\\xBEjavascript:alert(1)</script>", 
+  "\"`'><script>\\xE2\\x80\\x80javascript:alert(1)</script>", 
+  "\"`'><script>\\x21javascript:alert(1)</script>", 
+  "\"`'><script>\\xE2\\x80\\x82javascript:alert(1)</script>", 
+  "\"`'><script>\\xE2\\x80\\x86javascript:alert(1)</script>", 
+  "\"`'><script>\\xE1\\xA0\\x8Ejavascript:alert(1)</script>", 
+  "\"`'><script>\\x0Bjavascript:alert(1)</script>", 
+  "\"`'><script>\\x20javascript:alert(1)</script>", 
+  "\"`'><script>\\xC2\\xA0javascript:alert(1)</script>", 
+  "<img \\x00src=x onerror=\"alert(1)\">", 
+  "<img \\x47src=x onerror=\"javascript:alert(1)\">", 
+  "<img \\x11src=x onerror=\"javascript:alert(1)\">", 
+  "<img \\x12src=x onerror=\"javascript:alert(1)\">", 
+  "<img\\x47src=x onerror=\"javascript:alert(1)\">", 
+  "<img\\x10src=x onerror=\"javascript:alert(1)\">", 
+  "<img\\x13src=x onerror=\"javascript:alert(1)\">", 
+  "<img\\x32src=x onerror=\"javascript:alert(1)\">", 
+  "<img\\x47src=x onerror=\"javascript:alert(1)\">", 
+  "<img\\x11src=x onerror=\"javascript:alert(1)\">", 
+  "<img \\x47src=x onerror=\"javascript:alert(1)\">", 
+  "<img \\x34src=x onerror=\"javascript:alert(1)\">", 
+  "<img \\x39src=x onerror=\"javascript:alert(1)\">", 
+  "<img \\x00src=x onerror=\"javascript:alert(1)\">", 
+  "<img src\\x09=x onerror=\"javascript:alert(1)\">", 
+  "<img src\\x10=x onerror=\"javascript:alert(1)\">", 
+  "<img src\\x13=x onerror=\"javascript:alert(1)\">", 
+  "<img src\\x32=x onerror=\"javascript:alert(1)\">", 
+  "<img src\\x12=x onerror=\"javascript:alert(1)\">", 
+  "<img src\\x11=x onerror=\"javascript:alert(1)\">", 
+  "<img src\\x00=x onerror=\"javascript:alert(1)\">", 
+  "<img src\\x47=x onerror=\"javascript:alert(1)\">", 
+  "<img src=x\\x09onerror=\"javascript:alert(1)\">", 
+  "<img src=x\\x10onerror=\"javascript:alert(1)\">", 
+  "<img src=x\\x11onerror=\"javascript:alert(1)\">", 
+  "<img src=x\\x12onerror=\"javascript:alert(1)\">", 
+  "<img src=x\\x13onerror=\"javascript:alert(1)\">", 
+  "<img[a][b][c]src[d]=x[e]onerror=[f]\"alert(1)\">", 
+  "<img src=x onerror=\\x09\"javascript:alert(1)\">", 
+  "<img src=x onerror=\\x10\"javascript:alert(1)\">", 
+  "<img src=x onerror=\\x11\"javascript:alert(1)\">", 
+  "<img src=x onerror=\\x12\"javascript:alert(1)\">", 
+  "<img src=x onerror=\\x32\"javascript:alert(1)\">", 
+  "<img src=x onerror=\\x00\"javascript:alert(1)\">", 
+  "<a href=java&#1&#2&#3&#4&#5&#6&#7&#8&#11&#12script:javascript:alert(1)>XXX</a>", 
+  "<img src=\"x` `<script>javascript:alert(1)</script>\"` `>", 
+  "<img src onerror /\" '\"= alt=javascript:alert(1)//\">", 
+  "<title onpropertychange=javascript:alert(1)></title><title title=>", 
+  "<a href=http://foo.bar/#x=`y></a><img alt=\"`><img src=x:x onerror=javascript:alert(1)></a>\">", 
+  "<!--[if]><script>javascript:alert(1)</script -->", 
+  "<!--[if<img src=x onerror=javascript:alert(1)//]> -->", 
+  "<script src=\"/\\%(jscript)s\"></script>", 
+  "<script src=\"\\\\%(jscript)s\"></script>", 
+  "<IMG \"\"\"><SCRIPT>alert(\"XSS\")</SCRIPT>\">", 
+  "<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>", 
+  "<IMG SRC=# onmouseover=\"alert('xxs')\">", 
+  "<IMG SRC= onmouseover=\"alert('xxs')\">", 
+  "<IMG onmouseover=\"alert('xxs')\">", 
+  "<IMG SRC=&#106;&#97;&#118;&#97;&#115;&#99;&#114;&#105;&#112;&#116;&#58;&#97;&#108;&#101;&#114;&#116;&#40;&#39;&#88;&#83;&#83;&#39;&#41;>", 
+  "<IMG SRC=&#0000106&#0000097&#0000118&#0000097&#0000115&#0000099&#0000114&#0000105&#0000112&#0000116&#0000058&#0000097&#0000108&#0000101&#0000114&#0000116&#0000040&#0000039&#0000088&#0000083&#0000083&#0000039&#0000041>", 
+  "<IMG SRC=&#x6A&#x61&#x76&#x61&#x73&#x63&#x72&#x69&#x70&#x74&#x3A&#x61&#x6C&#x65&#x72&#x74&#x28&#x27&#x58&#x53&#x53&#x27&#x29>", 
+  "<IMG SRC=\"jav   ascript:alert('XSS');\">", 
+  "<IMG SRC=\"jav&#x09;ascript:alert('XSS');\">", 
+  "<IMG SRC=\"jav&#x0A;ascript:alert('XSS');\">", 
+  "<IMG SRC=\"jav&#x0D;ascript:alert('XSS');\">", 
+  "perl -e 'print \"<IMG SRC=java\\0script:alert(\\\"XSS\\\")>\";' > out", 
+  "<IMG SRC=\" &#14;  javascript:alert('XSS');\">", 
+  "<SCRIPT/XSS SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>", 
+  "<BODY onload!#$%&()*~+-_.,:;?@[/|\\]^`=alert(\"XSS\")>", 
+  "<SCRIPT/SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>", 
+  "<<SCRIPT>alert(\"XSS\");//<</SCRIPT>", 
+  "<SCRIPT SRC=http://ha.ckers.org/xss.js?< B >", 
+  "<SCRIPT SRC=//ha.ckers.org/.j>", 
+  "<IMG SRC=\"javascript:alert('XSS')\"", 
+  "<iframe src=http://ha.ckers.org/scriptlet.html <", 
+  "\\\";alert('XSS');//", 
+  "<u oncopy=alert()> Copy me</u>", 
+  "<i onwheel=alert(1)> Scroll over me </i>", 
+  "<plaintext>", 
+  "http://a/%%30%30", 
+  "</textarea><script>alert(123)</script>", 
+  "1;DROP TABLE users", 
+  "1'; DROP TABLE users-- 1", 
+  "' OR 1=1 -- 1", 
+  "' OR '1'='1", 
+  "'; EXEC sp_MSForEachTable 'DROP TABLE ?'; --",
+  " ", 
+  "%", 
+  "_", 
+  "-", 
+  "--", 
+  "--version", 
+  "--help", 
+  "$USER", 
+  "/dev/null; touch /tmp/blns.fail ; echo", 
+  "`touch /tmp/blns.fail`", 
+  "$(touch /tmp/blns.fail)", 
+  "@{[system \"touch /tmp/blns.fail\"]}", 
+  "eval(\"puts 'hello world'\")", 
+  "System(\"ls -al /\")", 
+  "`ls -al /`", 
+  "Kernel.exec(\"ls -al /\")", 
+  "Kernel.exit(1)", 
+  "%x('ls -al /')", 
+  "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?><!DOCTYPE foo [ <!ELEMENT foo ANY ><!ENTITY xxe SYSTEM \"file:///etc/passwd\" >]><foo>&xxe;</foo>", 
+  "$HOME", 
+  "$ENV{'HOME'}", 
+  "%d", 
+  "%s%s%s%s%s", 
+  "{0}", 
+  "%*.*s", 
+  "%@", 
+  "%n", 
+  "File:///", 
+  "../../../../../../../../../../../etc/passwd%00", 
+  "../../../../../../../../../../../etc/hosts", 
+  "() { 0; }; touch /tmp/blns.shellshock1.fail;", 
+  "() { _; } >_[$($())] { touch /tmp/blns.shellshock2.fail; }", 
+  "<<< %s(un='%s') = %u", 
+  "+++ATH0", 
+  "CON", 
+  "PRN", 
+  "AUX", 
+  "CLOCK$", 
+  "NUL", 
+  "A:", 
+  "ZZ:", 
+  "COM1", 
+  "LPT1", 
+  "LPT2", 
+  "LPT3", 
+  "COM2", 
+  "COM3", 
+  "COM4", 
+  "DCC SEND STARTKEYLOGGER 0 0 0", 
+  "Scunthorpe General Hospital", 
+  "Penistone Community Church", 
+  "Lightwater Country Park", 
+  "Jimmy Clitheroe", 
+  "Horniman Museum", 
+  "shitake mushrooms", 
+  "RomansInSussex.co.uk", 
+  "http://www.cum.qc.ca/", 
+  "Craig Cockburn, Software Specialist", 
+  "Linda Callahan", 
+  "Dr. Herman I. Libshitz", 
+  "magna cum laude", 
+  "Super Bowl XXX", 
+  "medieval erection of parapets", 
+  "evaluate", 
+  "mocha", 
+  "expression", 
+  "Arsenal canal", 
+  "classic", 
+  "Tyson Gay", 
+  "Dick Van Dyke", 
+  "basement", 
+  "If you're reading this, you've been in a coma for almost 20 years now. We're trying a new technique. We don't know where this message will end up in your dream, but we hope it works. Please wake up, we miss you.", 
+  "Roses are \u001b[0;31mred\u001b[0m, violets are \u001b[0;34mblue. Hope you enjoy terminal hue", 
+  "But now...\u001b[20Cfor my greatest trick...\u001b[8m", 
+  "The quic\b\b\b\b\b\bk brown fo\u0007\u0007\u0007\u0007\u0007\u0007\u0007\u0007\u0007\u0007\u0007x... [Beeeep]", 
+  "Powerلُلُصّبُلُلصّبُررً ॣ ॣh ॣ ॣ冗", 
+  "🏳0🌈️",
+  "జ్ఞ‌ా",
+  "گچپژ",
+  "{% print 'x' * 64 * 1024**3 %}",
+  "{{ \"\".__class__.__mro__[2].__subclasses__()[40](\"/etc/passwd\").read() }}"
+]
diff --git a/cmd/fuzzbot/fuzzbot.go b/cmd/fuzzbot/fuzzbot.go
new file mode 100644
index 0000000..896dc6b
--- /dev/null
+++ b/cmd/fuzzbot/fuzzbot.go
@@ -0,0 +1,114 @@
+package main
+
+import (
+	"crypto/rand"
+	"cwtch.im/cwtch/event"
+	"cwtch.im/cwtch/model"
+	"cwtch.im/cwtch/protocol/connections"
+	"encoding/json"
+	"git.openprivacy.ca/openprivacy/log"
+	"git.openprivacy.ca/sarah/cwtchbot"
+	"io/ioutil"
+	"os"
+	"os/user"
+	"path"
+)
+
+type BLNS struct {
+	inputs []string
+}
+
+func main() {
+	user, _ := user.Current()
+	log.SetLevel(log.LevelDebug)
+	cwtchbot := bot.NewCwtchBot(path.Join(user.HomeDir, "/.fuzzbot/"), "fuzzbot")
+
+	cwtchbot.Launch()
+
+	blns := new(BLNS)
+	blns_file, err := ioutil.ReadFile("./cmd/fuzzbot/blns.json")
+	if err != nil {
+		log.Errorf("could not read BLNS file %v", err)
+		os.Exit(1)
+	}
+	var inputs []string
+	err = json.Unmarshal(blns_file, &inputs)
+	if err != nil {
+		log.Errorf("could not decode BLNS file %v", err)
+	}
+	blns.inputs = inputs
+
+	input := make([]byte, 64)
+	_, err = rand.Read(input)
+	if err != nil {
+		panic(err)
+	}
+	cwtchbot.Peer.SetName(string(input))
+
+	for {
+		log.Infof("Process.....\n")
+		message := cwtchbot.Queue.Next()
+		switch message.EventType {
+		case event.NewMessageFromGroup:
+			if message.Data[event.RemotePeer] != cwtchbot.Peer.GetOnion() {
+				log.Infof("New Message: %v\v", message.Data[event.Data])
+				cwtchbot.Peer.SendMessageToGroupTracked(message.Data[event.GroupID], message.Data[event.Data])
+			}
+		case event.NewMessageFromPeer:
+			log.Infof("New Event: %v", message)
+			cwtchbot.Queue.Publish(event.NewEvent(event.PeerAcknowledgement, map[event.Field]string{event.EventID: message.EventID, event.RemotePeer: message.Data[event.RemotePeer]}))
+			msg := cwtchbot.UnpackMessage(message.Data[event.Data])
+			log.Infof("Message: %v", msg)
+			switch msg.Data {
+			case "blns":
+				{
+					reply := string(cwtchbot.PackMessage(msg.Overlay, "Starting the Fuzzing Process..."))
+					cwtchbot.Peer.SendMessageToPeer(message.Data[event.RemotePeer], reply)
+					for _, input := range blns.inputs {
+						reply := string(cwtchbot.PackMessage(msg.Overlay, input))
+						cwtchbot.Peer.SendMessageToPeer(message.Data[event.RemotePeer], reply)
+					}
+				}
+			case "random-overlay":
+				{
+					reply := string(cwtchbot.PackMessage(msg.Overlay, "Starting the Fuzzing Process..."))
+					cwtchbot.Peer.SendMessageToPeer(message.Data[event.RemotePeer], reply)
+					for i := 0; i < 100; i++ {
+						input := make([]byte, 64)
+						_, err := rand.Read(input)
+						if err != nil {
+							panic(err)
+						}
+						reply := string(cwtchbot.PackMessage(msg.Overlay, string(input)))
+						cwtchbot.Peer.SendMessageToPeer(message.Data[event.RemotePeer], reply)
+					}
+				}
+			case "random":
+				{
+					reply := string(cwtchbot.PackMessage(msg.Overlay, "Starting the Fuzzing Process..."))
+					cwtchbot.Peer.SendMessageToPeer(message.Data[event.RemotePeer], reply)
+					for i := 0; i < 100; i++ {
+						input := make([]byte, 64)
+						_, err := rand.Read(input)
+						if err != nil {
+							panic(err)
+						}
+						reply := string(input)
+						cwtchbot.Peer.SendMessageToPeer(message.Data[event.RemotePeer], reply)
+					}
+				}
+			case "fuzz-peer-details":
+			}
+		case event.PeerStateChange:
+			state := message.Data[event.ConnectionState]
+			if state == connections.ConnectionStateName[connections.AUTHENTICATED] {
+				log.Infof("Auto approving stranger %v", message.Data[event.RemotePeer])
+				cwtchbot.Peer.AddContact("stranger", message.Data[event.RemotePeer], model.AuthApproved)
+			}
+		case event.NewGetValMessageFromPeer:
+
+		default:
+			log.Infof("New Event: %v", message)
+		}
+	}
+}
diff --git a/go.mod b/go.mod
index 8c3686d..e71889d 100644
--- a/go.mod
+++ b/go.mod
@@ -3,7 +3,7 @@ module git.openprivacy.ca/sarah/cwtchbot
 go 1.14
 
 require (
-	cwtch.im/cwtch v0.4.6
-	git.openprivacy.ca/openprivacy/connectivity v1.3.0
-	git.openprivacy.ca/openprivacy/log v1.0.1
+	cwtch.im/cwtch v0.6.9
+	git.openprivacy.ca/openprivacy/connectivity v1.4.2
+	git.openprivacy.ca/openprivacy/log v1.0.2
 )
diff --git a/go.sum b/go.sum
index 723a273..a4a03ab 100644
--- a/go.sum
+++ b/go.sum
@@ -1,15 +1,31 @@
 cwtch.im/cwtch v0.4.6 h1:jQT0WZY0BGS/EKZrtvL48kMYoed00/q1ycvI0u7Dez4=
 cwtch.im/cwtch v0.4.6/go.mod h1:Mh7vQQ3z55+prpX6EuUkg4QNQkBACMoDcgCNBeAH2EY=
+cwtch.im/cwtch v0.6.4 h1:7P7+c7pBw2/aGE1cVWWLlLWhkVrGwuhQomIRbWB840E=
+cwtch.im/cwtch v0.6.4/go.mod h1:snHZIZwRQPAZG2LRZsN5SpAIbeR597VJoDS+KHm7q9w=
+cwtch.im/cwtch v0.6.9 h1:R4UgKd8ucw8qGZ0K0RrYB+tZrgCXJ83HsH/MrNfsqps=
+cwtch.im/cwtch v0.6.9/go.mod h1:KDy4lWWxcYAjeKclwVFkoTQ2dWnZcM0k3Xck+zEuBmE=
 cwtch.im/tapir v0.2.1 h1:t1YJB9q5sV1A9xwiiwL6WVfw3dwQWLoecunuzT1PQtw=
 cwtch.im/tapir v0.2.1/go.mod h1:xzzZ28adyUXNkYL1YodcHsAiTt3IJ8Loc29YVn9mIEQ=
+git.openprivacy.ca/cwtch.im/tapir v0.3.4 h1:g7yZkfz/vWr/t2tFXa/t0Ebr/w665uIKpxpCZ3lIPCo=
+git.openprivacy.ca/cwtch.im/tapir v0.3.4/go.mod h1:+Niy2AHhQC351ZTtfhC0uLjViCICyOxCJZsIlGKKNAU=
 git.openprivacy.ca/openprivacy/bine v0.0.3 h1:PSHUmNqaW7BZUX8n2eTDeNbjsuRe+t5Ae0Og+P+jDM0=
 git.openprivacy.ca/openprivacy/bine v0.0.3/go.mod h1:13ZqhKyqakDsN/ZkQkIGNULsmLyqtXc46XBcnuXm/mU=
+git.openprivacy.ca/openprivacy/bine v0.0.4 h1:CO7EkGyz+jegZ4ap8g5NWRuDHA/56KKvGySR6OBPW+c=
+git.openprivacy.ca/openprivacy/bine v0.0.4/go.mod h1:13ZqhKyqakDsN/ZkQkIGNULsmLyqtXc46XBcnuXm/mU=
 git.openprivacy.ca/openprivacy/connectivity v1.2.0/go.mod h1:B7vzuVmChJtSKoh0ezph5vu6DQ0gIk0zHUNG6IgXCcA=
 git.openprivacy.ca/openprivacy/connectivity v1.3.0 h1:e2EeV6CaMNwOb+PzAjF0hGCeOqAPagRaDL4en5ITf7U=
 git.openprivacy.ca/openprivacy/connectivity v1.3.0/go.mod h1:s0/QhONuUqJQfYTAgUlu+ya7G3Ov6bKgpT5QkOhVxDI=
+git.openprivacy.ca/openprivacy/connectivity v1.3.1 h1:d1t7rtzn+Fc63Z2M4mAGmGYU8hSeoZqglvfVBYkg0Lw=
+git.openprivacy.ca/openprivacy/connectivity v1.3.1/go.mod h1:s0/QhONuUqJQfYTAgUlu+ya7G3Ov6bKgpT5QkOhVxDI=
+git.openprivacy.ca/openprivacy/connectivity v1.3.3 h1:OKHZ/pzY95+UNOhF74DisSYPh7lULtjbxFQnK9r6cAk=
+git.openprivacy.ca/openprivacy/connectivity v1.3.3/go.mod h1:DL9QitHjpyNspMUe3wjIej9gFgDK2FdRKP2JE4+7T90=
+git.openprivacy.ca/openprivacy/connectivity v1.4.2 h1:rQFIjWunLlRmXL5Efsv+7+1cA70T6Uza6RCy2PRm9zc=
+git.openprivacy.ca/openprivacy/connectivity v1.4.2/go.mod h1:bR0Myx9nm2YzWtsThRelkNMV4Pp7sPDa123O1qsAbVo=
 git.openprivacy.ca/openprivacy/log v1.0.0/go.mod h1:gGYK8xHtndRLDymFtmjkG26GaMQNgyhioNS82m812Iw=
 git.openprivacy.ca/openprivacy/log v1.0.1 h1:NWV5oBTatvlSzUE6wtB+UQCulgyMOtm4BXGd34evMys=
 git.openprivacy.ca/openprivacy/log v1.0.1/go.mod h1:gGYK8xHtndRLDymFtmjkG26GaMQNgyhioNS82m812Iw=
+git.openprivacy.ca/openprivacy/log v1.0.2 h1:HLP4wsw4ljczFAelYnbObIs821z+jgMPCe8uODPnGQM=
+git.openprivacy.ca/openprivacy/log v1.0.2/go.mod h1:gGYK8xHtndRLDymFtmjkG26GaMQNgyhioNS82m812Iw=
 github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
 github.com/cretz/bine v0.1.1-0.20200124154328-f9f678b84cca/go.mod h1:6PF6fWAvYtwjRGkAuDEJeWNOv3a2hUouSP/yRYXmvHw=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@@ -20,7 +36,9 @@ github.com/gtank/merlin v0.1.1 h1:eQ90iG7K9pOhtereWsmyRJ6RAwcP4tHTDBHXNg+u5is=
 github.com/gtank/merlin v0.1.1/go.mod h1:T86dnYJhcGOh5BjZFCJWTDeTK7XW8uE+E21Cy/bIQ+s=
 github.com/gtank/ristretto255 v0.1.2 h1:JEqUCPA1NvLq5DwYtuzigd7ss8fwbYay9fi4/5uMzcc=
 github.com/gtank/ristretto255 v0.1.2/go.mod h1:Ph5OpO6c7xKUGROZfWVLiJf9icMDwUeIvY4OmlYW69o=
+github.com/kr/pretty v0.2.0 h1:s5hAObm+yFO5uHYt5dYjxi2rXrsnmRpJx4OYvIWUaQs=
 github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
+github.com/kr/pty v1.1.1 h1:VkoXIwSboBpnk99O/KFauAEILuNHv5DVFKZMBN/gUgw=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
@@ -30,11 +48,13 @@ github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWb
 github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/objx v0.1.0 h1:4G4v2dO3VZwixGIRoQ5Lfboy6nUhCyYzaqnIAPPhYs4=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
 github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/struCoder/pidusage v0.1.3 h1:pZcSa6asBE38TJtW0Nui6GeCjLTpaT/jAnNP7dUTLSQ=
 github.com/struCoder/pidusage v0.1.3/go.mod h1:pWBlW3YuSwRl6h7R5KbvA4N8oOqe9LjaKW5CwT1SPjI=
 github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 go.etcd.io/bbolt v1.3.4 h1:hi1bXHMVrlQh6WwxAy+qZCV/SYIlqo+Ushwdpa4tAKg=
@@ -54,6 +74,8 @@ golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLL
 golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20201010224723-4f7140c49acb h1:mUVeFHoDKis5nxCAzoAi7E8Ghb86EXh/RK6wtvJIqRY=
 golang.org/x/net v0.0.0-20201010224723-4f7140c49acb/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
+golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4 h1:4nGaVu0QrbjT/AK2PRLuQfQuh6DJve+pELhqTdAj3x0=
+golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -62,8 +84,15 @@ golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f h1:+Nyd8tzPX9R7BWHguqsrbFdRx3WQ/1ib8I44HXV5yTA=
 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44 h1:Bli41pIlzTzf3KEY06n+xnzK/BESIg2ze4Pgfh/aI8c=
+golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e h1:FDhOuMEY4JVRztM/gsbk+IKUQ8kj74bxZrgw87eMMVc=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=