The tool is the Modbus VCR. It is a plugin for the Ettercap framework which records Modbus/TCP (or really any cyclic traffic) for a period of time between a client and a server and later replays protocol state. The purpose of the tool is to show a really old, really dumb problem with control systems protocols: the lack of data integrity isn't just about control, it's about status, too.
Once the stop condition is met (currently 10 seconds of recording), the Modbus VCR begins overwriting response traffic. It does so by looking up the current request in the global request-response pair list. It then keeps a pointer to the recorded response. When it sees the actual response to the request come from the slave device, it overwrites the data portion of the new response with the data from the previously-recorded response.
The beautiful (or scary) thing about attacking a control system using the Modbus VCR is that it fools operators about the status of their control network, just like Stuxnet. The operator is blind, but doesn't know that they are blind. Unlike Stuxnet, it is universal: it requires no knowledge of the process being controlled. It just does its thing, recording and replaying traffic, without any concern as to what the values even mean.
The Modbus VCR concept can easily be applied to other control systems protocols. DNP3 (at least, variants that do not implement Secure Authentication), ICCP (variants that lack use of SSL), 61850, 60870, and almost every vendor's proprietary protocol are vulnerable to this style of attack.
Unfortunately, field firewalls don't help here -- I came up with this tool precisely because I was assessing a very good field device firewall. ARP poison detection on all segments of the control system network is required to detect this attack. In order to truly prevent the attack, we need to consider the use of secure-by-design protocols which have secure data integrity. Even adding an SSL wrapper (with sufficient key management) to a protocol like Modbus would be enough to prevent this entire class of attack.
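
One way to implement the ARP poison detection mentioned above is to track IP-to-MAC bindings passively on each segment. The following is an added example, not part of the Modbus VCR or Ettercap; the class name, alert labels, and all MAC and IP addresses are constructed for illustration.

```python
import socket
import struct
from collections import defaultdict

def parse_arp(frame):
    """Return (eth_src, sender_mac, sender_ip) for an Ethernet/IPv4 ARP frame, else None."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":
        return None
    htype, ptype, hlen, plen, _oper = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return frame[6:12], frame[22:28], frame[28:32]

class ArpWatch:
    def __init__(self):
        self.ip_to_mac = {}
        self.mac_to_ips = defaultdict(set)
    def observe(self, frame):
        parsed = parse_arp(frame)
        if parsed is None or parsed[2] == b"\x00\x00\x00\x00":  # skip non-ARP and ARP probes
            return []
        eth_src, mac, ip = parsed
        alerts = []
        if eth_src != mac:                      # Ethernet source disagrees with ARP sender
            alerts.append("sender-mismatch")
        known = self.ip_to_mac.get(ip)
        if known is not None and known != mac:  # an established binding moved
            alerts.append("binding-changed")
            self.mac_to_ips[known].discard(ip)
        self.ip_to_mac[ip] = mac
        self.mac_to_ips[mac].add(ip)
        if len(self.mac_to_ips[mac]) > 1:       # one MAC answering for several hosts
            alerts.append("mac-claims-multiple-ips")
        return alerts

def make_reply(src_mac, src_ip, dst_mac, dst_ip):
    """Build a constructed ARP reply frame (sample input only)."""
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, 2) + src_mac + src_ip + dst_mac + dst_ip
    return dst_mac + src_mac + b"\x08\x06" + arp

def demo():
    # Constructed addresses: an HMI, a PLC, and a third MAC that starts answering for both.
    hmi = (bytes.fromhex("001122334410"), socket.inet_aton("10.0.0.10"))
    plc = (bytes.fromhex("001122334420"), socket.inet_aton("10.0.0.20"))
    other = bytes.fromhex("020000000099")
    watch = ArpWatch()
    frames = [make_reply(*hmi, *plc), make_reply(*plc, *hmi),
              make_reply(other, plc[1], *hmi), make_reply(other, hmi[1], *plc)]
    return [watch.observe(f) for f in frames]
```

Control networks tend to have static addressing, so a changed binding is a strong signal there; legitimately multi-homed devices will trip the multiple-IP check and need to be allow-listed.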