Well, a null session isn't necessarily going to give you much access if the machine is properly configured. If the machine has restrict anonymous settings configured, a null session should not be enough to enumerate users, shares, etc. Look into Cain and Abel, it has a very nice feature for working with null session connections.
Once you have done your recon and determined that the machine is a Windows box, and has NetBIOS running, your next step is to enumerate all of the running services and see if there are any vulnerabilities you can exploit. Look into Nessus. Their home feed is free. It will scan the machine and attempt to determine any vulnerabilities you can exploit.
Your next task becomes exploiting those vulnerabilities. You can looking the metasploit project, check milw0rm for any known exploits, etc. Your object is to "root" the box.
This is just one of the ways you can gain access to the box. Hackers will never take the hard route, they will find the easiest way of accessing the box. Look for any wireless connections that machine may established. You can attempt to extract credentials by getting the box to join a rogue wifi network you can create. You can also simply ask for the password. You can try a client-side attack vector as well. Your job here is to get around the security.