I think they can crack the .rar file thru brute force, which only works with very weak password like "abcd".
However I am not sure if they can do the same with password like "ThIs!iSn%Xampl5".

Edit:
.zip file is not the same as .rar, as I know it.
.zip file is very weak encryption.
But the same can't be said with .rar file.