1. we are hackers, our mission is to manipulate a system in such a way it will do what we want it to do, which is in none of the case a DoS. DoSing wont help you get access to a computer, ever! so forget about DoS exploits, which are fine for disgruntled n00bs who have some sort of beef with a specific target.
2. here some pointers, remember that access isnt always enough. the ultimate goals is root/admin rights, also known as rooting the box! here a few things of the 1000s that can be done: with null session you mean you gained access to a windows share right? next i would see if i had write permissions and upload (malicious) code, preferably in the language of a service i could access through another way (see where i am going with this?) try to access the filesystem to, if an old box, download the sam backup file to brute force login credentials offline. be creative and see what you can find (perhaps batch scripts that contain login credentials?)
CISSP, CEH, ECSA, OSCP, OSWP
earning my stripes appears to be a road i must travel alone...with a little help of EH.net