If you find the LILO prompt instead of the GRUB screen, use the option "init=/bin/sh" instead.<p>As already pointed, this is not an attacking method, but just a recovery method. From the POV of security, getting physical access to the console is already bad.
This was how the RHCE (Red Hat Certified Engineer) exam begun when I took it a few years back...<p>However, instead of selecting "recovery mode" you had to edit the boot line and add a "s" for single user mode.
If you have physical access to a Linux computer, then your options are unlimited. Manipulating grub could be one of it.<p>Things that come in my mind :<p>- Use USB Flash/CD to boot something else, mount the hard-drive and do some nasty stuff to passwd file.<p>- If you have your BIOS locked, you can simply remove the hard drive and use another box to do the same.<p>- If you got your BIOS locked with a password, you can simply remove the battery for 1-2 minutes and put it back!<p>- No access to the battery?! Remove the hard drive, boot from CD/usb key ( since there is no hard drive almost every BIOS will search for something to boot from ) and flash the BIOS :D<p>No system is secured if you have physical access to the hardware.
If you're in front of an HP-UX machine you want 'single user mode'.<p>(<a href="http://www.cyberciti.biz/faq/hpux-booting-into-single-user-mode/" rel="nofollow">http://www.cyberciti.biz/faq/hpux-booting-into-single-user-m...</a>)