I want to match an app's UUID with the app's name displayed on springboard. I can list the installed apps under /var/mobile/Containers/Data/Application and get the UUIDs. Within the app folders I can also find BundleIDs searching plist files but cannot find apps' name. Filza app seems to find a way to match UUID and app names. Where does iOS keep this information?
I checked this answer: https://stackoverflow.com/a/17483377/891194 but mentioned files do not exist in iOS 10.
For iOS 10 under /var/containers/Bundle/Application directory you can find bundle containers. In each folder there are appName.app folder and iTunesMetadata.plist file. Within the iTunesMetadata.plist file, itemName tag gives the application name that is displayed on Springboard.
Could find an awesome work around for this issue with Frida (need python3, pip install frida-tools) and Objection (pip3 install objection)
Install Frida on IOS device.
Connect IOS device with developer / attacker machine via USB cable and in the machine type in frida-ps -U to get app PID and name
Use Objection -g <app PID> explore
And inside objection use env to view application data paths
OWASP.iGoat-Swift on (iPhone: 11.1.2) [usb] # env
Name Path ----------------- ------------------------------------------------------------------------------------------- BundlePath
/var/containers/Bundle/Application/3ADAF47D-A734-49FA-B274-FBCA66589E67/iGoat-Swift.app CachesDirectory
/var/mobile/Containers/Data/Application/8C8E7EB0-BC9B-435B-8EF8-8F5560EB0693/Library/Caches DocumentDirectory /var/mobile/Containers/Data/Application/8C8E7EB0-BC9B-435B-8EF8-8F5560EB0693/Documents LibraryDirectory
/var/mobile/Containers/Data/Application/8C8E7EB0-BC9B-435B-8EF8-8F5560EB0693/Library
