SteveWare
commented
6 years ago You cannot really play without the packets as they have to be in order and with the correct timing information. Adding headers will not give you enough information, and the server and client will need to interact in the correct way for crypt handshake etc. I guess you could slowly piece together a pcap adding headers (and the 3-way initial TCP handshake), but this would be a really painful process. There is nothing positive I can suggest here. The data you have is just not appropriate for replay. Sorry.
I have two issue. 1) How can i play rdp clear traffic, without wireshark, tcp, etc header? I can add the necessary header to each packet, but how to make it it is correct? 2)Let's allow, I have no duplex. I have separately a traffic from server side and the client. what client packets are necessary to me for reproduction?