I tried replicating the Karma attack and it does not work on my iphone5s and galaxy s6. Even when the phones send out directed probe requests and the Rouge AP responds with the appropriate probe responses, the phones just ignore them and refuse to connect. I have also heard that most of the devices have already been patched to defend against this attack since this attack was introduced more than 10 years ago.
This makes me wonder, are there any devices out there that are still vulnerable to this attack? Or has this attack become a thing of the past? (To be clear, I am talking about the attack where client devices automatically respond to probe responses and associate with the Rouge AP, not where the user mistakens the Rogue AP for the legitimate one and chooses to join it manually.)