
"The capture file appears to be damaged or corrupt. (btsnoop: File has 385941504-byte packet, bigger than maximum of 262144)"

That doesn't mean the file is too large; it means that either 1) the file's contents are invalid, either because the program that wrote it is incorrect or because the file was transferred in a fashion that damaged it, or 2) there's a bug somewhere in the Wireshark code that reads btsnoop files.

What mechanism did you use to download (transfer) the file from your Android phone to the machine on which you're running Wireshark? Android is a UN*X, and you're presumably running Windows given that you're using Notepad, so any transfer mechanism that treats files as text, and attempts to convert between UN*X and Windows line endings, will damage binary files.

"I have opened these log files in Notepad, but they are evidently encrypted since I see unintelligible symbols (like small squares containing question marks)."

They're not encrypted; they're binary files rather than text files. Most of the file formats Wireshark handles, including its native formats pcap and pcapng, are binary formats, so using Notepad to read them won't work.
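
One way to check a transferred btsnoop file for the damage described above, as an added example that is not part of the original answer or of Wireshark's code. It assumes the usual btsnoop layout (16-byte file header, 24-byte big-endian record headers) and the 262144-byte limit from the error message; the function names and the sample bytes are constructed for illustration.

```python
import struct

MAGIC = b"btsnoop\x00"
MAX_PACKET = 262144                 # limit quoted in the error message above
REC_HDR = struct.Struct(">IIIIq")   # orig len, incl len, flags, drops, timestamp

def check_btsnoop(data):
    """Walk the records; return (status, records_read_ok, offset_of_problem)."""
    if len(data) < 16 or data[:8] != MAGIC:
        return ("bad-header", 0, 0)
    off, count = 16, 0
    while off < len(data):
        if off + REC_HDR.size > len(data):
            return ("truncated", count, off)
        _orig, incl_len, _flags, _drops, _ts = REC_HDR.unpack_from(data, off)
        if incl_len > MAX_PACKET:   # the condition the error message reports
            return ("oversize", count, off)
        if off + REC_HDR.size + incl_len > len(data):
            return ("truncated", count, off)
        off += REC_HDR.size + incl_len
        count += 1
    return ("ok", count, off)

def crlf_hint(data):
    """Heuristic: after an LF -> CRLF text-mode conversion, every 0x0a byte
    is preceded by 0x0d, which is unlikely in untouched binary data."""
    lf = data.count(b"\n")
    return lf > 0 and data.count(b"\r\n") == lf

def build_sample():
    """Constructed two-record btsnoop file (arbitrary payloads, not a real capture)."""
    out = MAGIC + struct.pack(">II", 1, 1002)    # version 1, datalink 1002 (HCI UART)
    ts = 0x00E03AB44A676000                      # constructed timestamp value
    for payload in (b"\x01\x03\x0c\x00", bytes(range(0x20, 0x2A))):
        out += REC_HDR.pack(len(payload), len(payload), 0, 0, ts) + payload
    return out

if __name__ == "__main__":
    good = build_sample()
    # Simulate a transfer that treats the file as text (UN*X -> Windows line endings).
    bad = good.replace(b"\n", b"\r\n")
    for name, blob in (("binary transfer", good), ("text-mode transfer", bad)):
        print(name, check_btsnoop(blob), "CRLF damage likely:", crlf_hint(blob))
```

In the sample, the second record is 10 bytes long, so its length field contains a 0x0a byte; the simulated text-mode transfer inserts 0x0d before it, shifts the rest of the record header, and the included length is then read as 167772160.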