Hacker Ron Bowes has released various payloads that connect a shell's standard input and output with a suitable online counterpart through DNS. This allows attackers to bypass many firewalls and even attack systems that have no internet connection themselves.
For a DNS tunnel, the host computer only needs to be able to resolve external host names such as https://www.heise.de/en. It can then carry its network traffic in the DNS queries it sends and the responses it receives. This concept was already demonstrated by Julien Oster and Florian Heinz via the Name Server Transfer protocol (NSTX), which tunnels entire IP connections via DNS.

DNS tunneling requires suitable server software running on the DNS server responsible for a domain such as mytunnel.com. The host then simply sends DNS lookup queries such as:

d2Vpc2VuaGVpbWVy.mytunnel.com
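
On the monitoring side, queries like the one above stand out because the left-most label is base64 data rather than a host name (this one decodes to "weisenheimer"), and because a tunnel produces many distinct labels under one parent domain. The following Python detection logic is an added example, not part of the original article or of the tools it mentions; the two-label parent-domain split, the thresholds and every sample query except the first are assumptions made for illustration.

```python
import base64
import binascii
import math
from collections import Counter, defaultdict

def entropy(s):
    """Shannon entropy of a string, in bits per character."""
    return -sum(n / len(s) * math.log2(n / len(s)) for n in Counter(s).values())

def try_base64(label):
    """Decoded bytes if the label is valid base64 (padding restored), else None."""
    try:
        return base64.b64decode(label + "=" * (-len(label) % 4), validate=True)
    except (binascii.Error, ValueError):
        return None

def suspicious_domains(qnames, min_unique=3, min_entropy=3.0, min_len=8):
    """Flag parent domains queried with many distinct, high-entropy,
    base64-decodable labels. Thresholds are illustrative assumptions."""
    payloads = defaultdict(set)
    for q in qnames:
        labels = q.rstrip(".").split(".")
        # Assumption: the registered domain is the last two labels
        # (no public-suffix list). The payload label keeps its case.
        parent, payload = ".".join(labels[-2:]).lower(), "".join(labels[:-2])
        if payload:
            payloads[parent].add(payload)
    report = {}
    for parent, labs in payloads.items():
        # Short words such as "mail" are valid base64 too, hence min_len.
        decoded = [d for l in labs if len(l) >= min_len
                   and (d := try_base64(l)) is not None]
        mean_h = sum(entropy(l) for l in labs) / len(labs)
        if len(decoded) >= min_unique and mean_h >= min_entropy:
            report[parent] = {"unique": len(labs), "decoded": sorted(decoded),
                              "mean_entropy": round(mean_h, 2)}
    return report

# Constructed sample log: the article's query plus made-up neighbours.
SAMPLE_QUERIES = [
    "d2Vpc2VuaGVpbWVy.mytunnel.com",   # from the article
    "aGVsbG8gd29ybGQh.mytunnel.com",   # constructed
    "dGVzdCBtZXNzYWdl.mytunnel.com",   # constructed
    "www.heise.de",
    "download.example.org", "mail.example.org", "www.example.org",
]

if __name__ == "__main__":
    print(suspicious_domains(SAMPLE_QUERIES))
```

Only mytunnel.com is reported: example.org has one label ("download") that happens to be valid base64, which is why the check requires several distinct decodable labels per parent domain and not a single match.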

The link for this article located at H Security is no longer available.