## https://sploitus.com/exploit?id=E23921EF-7C7D-5AFD-9B96-2171B8FE3753
Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1. It is a PoC exploit for CVE-2023-36880. The code performs the following steps: 1. Loads a vulnerable version of the "prefs_enclave_x64.dll" enclave 2. Call the vulnerable "SealSettings" function to store shellcode and a "cleanup buffer" inside the enclave 3. Allocate an empty RWX buffer in VTL0 4. Call the vulnerable "UnsealSettings" function to write the shellcode from the enclave into the VTL0 executable buffer 5. Jump to shellcode 6. When the shellcode returns, call the vulnerable "UnsealSettings" function to overwrite the VTL0 shellcode buffer with the cleanup buffer 7. Sleep for 5 seconds and repeat from step 4. This implementation is very simplistic and is only meant to demonstrate the concept - adjustments are certainly required to weaponize it.