Oh you sure can.

Settings > Accounts & Passwords > App & Website Passwords

Settings > Safari > Autofill > Saved Credit Cards

I stand corrected.

To nitpick, there is more data in the keychain than passwords and credit cards. But I think having all your passwords and credit cards exposed is probably bad enough.

But you could, for example, install a Trusted CA Cert and mitmproxy the connection to sniff the Google password as it’s used to login. Same with stored credit cards, etc.