Bug 141763 - Opening too many WebSocket connections can cause a crash
Summary: Opening too many WebSocket connections can cause a crash
Status: NEW
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKit2
Version: 528+ (Nightly build)
Hardware: All All
Importance: P2 Normal
Assignee: Nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-02-18 12:16 PST by Pranav
Modified: 2016-05-19 10:51 PDT
CC List: 4 users

See Also:


Attachments
html file mentioned in above description (142 bytes, text/html)
2015-02-18 12:16 PST, Pranav
no flags

Description Pranav 2015-02-18 12:16:38 PST
Created attachment 246838
html file mentioned in above description

Unlisted PoC video link:

https://www.youtube.com/watch?v=m_rMN4M8a-c

Hi Team,


The maximum number of WebSocket connections that can be opened at a time must be preset (for example, Firefox uses 200 as the maximum number of WebSockets at an instance), but Safari (WebKit) failed to implement it.

For Firefox, you can read about it here:
https://developer.mozilla.org/en/docs/WebSockets

<script>
var i=0;
while(1)
{
var connection = new WebSocket('ws://html5rocks.websocket.org/echo');
}
</script>

The above JS creates an infinite number of WebSockets.
On executing this file, Safari (WebKit) opens infinite WebSockets at the same instance, which leads to a crash of the browser and, in a serious condition, a crash of the OS. The above website (html5rocks.websocket.org) is taken as an example; it could even be xyz.com or whatever.

The thing is, with Safari (WebKit) we can open infinite WebSockets at an instance, which leads to a crash. Safari (WebKit) doesn't handle it properly.

Let me show "how Safari (WebKit) crashes" and "how Firefox handles this".


First, let me open Safari (WebKit), execute that file and show you the memory usage.
As you can see, Safari (WebKit) is taking a lot of resources.
As you saw, the browser crashed, and the system will crash in a serious condition.

Now let me open the same thing in Firefox.

Same file.

It just sent 193 requests, then stopped in spite of the infinite loop.

It didn't even take many resources.


With this vulnerability, an attacker can remotely send this file and crash the victim's browser.


Tested in Mac's Safari too (if a PoC is needed, let me give it).


Waiting for a good reply.

Thanks and regards,

venkatesh





Attached the HTML file :))
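
The connection cap the report asks for, sketched as an added example that is not part of the original report and is not WebKit or Firefox code: a budget that refuses new sockets once the limit is reached and frees a slot when a connection closes or errors. The limit of 200 is the Firefox figure quoted in the report; `SocketBudget`, `FakeSocket`, `simulateReportLoop` and the `ws://example.invalid/echo` URL are hypothetical names constructed for the illustration.

```javascript
// Added illustration: cap concurrent WebSocket connections per browsing context.
// 200 is the Firefox figure quoted in the report; all names are hypothetical.
const MAX_SOCKETS = 200;

class SocketBudget {
  constructor(limit = MAX_SOCKETS) {
    this.limit = limit;
    this.live = new Set(); // sockets still connecting or open
    this.refused = 0;      // attempts rejected at the cap
  }

  // Create a socket via `factory` only while a slot is free.
  open(factory, url) {
    if (this.live.size >= this.limit) {
      this.refused += 1;
      throw new Error(`WebSocket limit of ${this.limit} reached`);
    }
    const socket = factory(url);
    this.live.add(socket);
    // Return the slot when the connection ends, whether cleanly or by error.
    const release = () => this.live.delete(socket);
    socket.addEventListener('close', release);
    socket.addEventListener('error', release);
    return socket;
  }
}

// Constructed stand-in for a socket so the example runs offline.
class FakeSocket {
  constructor(url) { this.url = url; this.handlers = {}; }
  addEventListener(type, fn) {
    (this.handlers[type] = this.handlers[type] || []).push(fn);
  }
  close() { (this.handlers.close || []).forEach((fn) => fn()); }
}

// The report's loop, bounded to `attempts` iterations so the demo terminates.
function simulateReportLoop(budget, attempts) {
  const opened = [];
  for (let i = 0; i < attempts; i += 1) {
    try {
      opened.push(budget.open((u) => new FakeSocket(u), 'ws://example.invalid/echo'));
    } catch (err) {
      // Refused: no socket object and no network resources were allocated.
    }
  }
  return opened;
}
```

With the cap in place, 1000 attempts leave 200 live sockets and 800 refusals, so memory use stays bounded however long the page's loop runs.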
Comment 1 Pranav 2015-04-26 05:36:21 PDT
Why no reply from anyone?
Comment 2 Brent Fulgham 2016-05-18 20:55:03 PDT
Yikes! This looks bad -- I didn't notice this bug before. Thank you for reporting it!