I have been writing an aircrack suite script to streamline most tasks and have been extensivly testing it when I noticed a typo in aireplay-ng Chop Chop no client packet forge.
The odd thing is that it still works despite the typo, it still creates an XOR file then a packet which when injected generates 100's of iv's per second.
The typo is:
aireplay-ng -4 -h 11:11:11:11:11:11 -h 44:44:44:44:44:44 wlan1
The Mac with the 1's was the AP and the Mac with the 4's was the fake authed client which was the Mac of my interface.
The typo was in this order where the first -h should have been a -b for the AP, funnier still is that with the typo chop chop worked faster at about 1/4 the time of the correct syntax.
I'm running BT5, on persistant usb, on I7 laptop with alfa network cards AWUS036H and NH cards.
I've added the script as a txt file, the typo has been fixed but you can see where it was in option 8.