This is an old revision of the document!
It is a tool created by Martin Beck aka hirte, a member of aircrack-ng team. This tool is able to inject a few frames in a WPA TKIP network with QoS.
He worked a few weeks ago with Erik Tews (who created PTW attack) for a conference in PacSec 2008: “Gone in 900 Seconds, Some Crypto Issues with WPA”.
It is currently only available in our subversion repository. Instructions to install it can be found here.
A description of the attack can be found in http://www.cdc.informatik.tu-darmstadt.de/~e_tews/breakingwepandwpa.pdf