Swapper v1.3 [L1+Left]
D044F15C 0000FB7F
202CED04 08027C00
2009F000 27BDFFC0
2009F004 FFBF0040
2009F008 7FB30030
2009F00C 7FB20020
2009F010 7FB10010
2009F014 7FB00000
2009F018 3C100044
2009F01C 36100C38
2009F020 8E100000
2009F024 1200002B
2009F028 00000000
2009F02C 3C110009
2009F030 3631EF70
2009F034 8232000A
2009F038 12400018
2009F03C 00000000
2009F040 24190039
2009F044 12590020
2009F048 00000000
2009F04C 3C0E000A
2009F050 35CE0000
2009F054 8DD30000
2009F058 24080020
2009F05C 12680005
2009F060 00000000
2009F064 26730001
2009F068 ADD30000
2009F06C 10000019
2009F070 00000000
2009F074 0C14F85C
2009F078 0220202D
2009F07C AE020540
2009F080 3C0C6666
2009F084 358C6666
2009F088 AE0C0FCC
2009F08C 26520001
2009F090 A232000A
2009F094 1000000E
2009F098 00000000
2009F09C 3C086843
2009F0A0 35086955
2009F0A4 3C097954
2009F0A8 35297261
2009F0AC 3C0A0031
2009F0B0 354A6570
2009F0B4 AE280000
2009F0B8 AE290004
2009F0BC AE2A0008
2009F0C0 10000004
2009F0C4 00000000
2009F0C8 240F0031
2009F0CC A22F000A
2009F0D0 ADC00000
2009F0D4 DFBF0040
2009F0D8 7BB30030
2009F0DC 7BB20020
2009F0E0 7BB10010
2009F0E4 7BB00000
2009F0E8 03E00008
2009F0EC 27BD0040
D044F15C 0000FFFF
202CED04 03e00008
Respawn in place
20599110 00000000
address $2009f000
v1.3 Much shorter, less glitchy. Shoutout to renagade for the idea
credit: bismofunyuns
D044F15C 0000FB7F
202CED04 08027C00
2009F000 27BDFFC0
2009F004 FFBF0040
2009F008 7FB30030
2009F00C 7FB20020
2009F010 7FB10010
2009F014 7FB00000
2009F018 3C100044
2009F01C 36100C38
2009F020 8E100000
2009F024 1200002B
2009F028 00000000
2009F02C 3C110009
2009F030 3631EF70
2009F034 8232000A
2009F038 12400018
2009F03C 00000000
2009F040 24190039
2009F044 12590020
2009F048 00000000
2009F04C 3C0E000A
2009F050 35CE0000
2009F054 8DD30000
2009F058 24080020
2009F05C 12680005
2009F060 00000000
2009F064 26730001
2009F068 ADD30000
2009F06C 10000019
2009F070 00000000
2009F074 0C14F85C
2009F078 0220202D
2009F07C AE020540
2009F080 3C0C6666
2009F084 358C6666
2009F088 AE0C0FCC
2009F08C 26520001
2009F090 A232000A
2009F094 1000000E
2009F098 00000000
2009F09C 3C086843
2009F0A0 35086955
2009F0A4 3C097954
2009F0A8 35297261
2009F0AC 3C0A0031
2009F0B0 354A6570
2009F0B4 AE280000
2009F0B8 AE290004
2009F0BC AE2A0008
2009F0C0 10000004
2009F0C4 00000000
2009F0C8 240F0031
2009F0CC A22F000A
2009F0D0 ADC00000
2009F0D4 DFBF0040
2009F0D8 7BB30030
2009F0DC 7BB20020
2009F0E0 7BB10010
2009F0E4 7BB00000
2009F0E8 03E00008
2009F0EC 27BD0040
D044F15C 0000FFFF
202CED04 03e00008
Respawn in place
20599110 00000000
address $2009f000
Code:
addiu sp, sp, $ffc0 //remove 40bytes from stack sd ra, $0040(sp) //save return address onto stack on offset $0040 sq s3, $0030(sp) //save s3 onto stack at offset $0030 sq s2, $0020(sp) //save s2 onto stack at offset $0020 sq s1, $0010(sp) //save s1 onto stack at offset $0010 sq s0, $0000(sp) //save s0 onto stack at offset $0000 setreg s0, $00440c38 //load our player pointer address into s0 lw s0, $0000(s0) //load our player pointer address. 0=not in game, when in game it will point to our czsealobject beq s0, zero, :end //if we arent in game (=0) then exit the routine nop //first line after branch/jump gets loaded. we have nothing left to do if s0=0, so we just leave this as nop (do nothing) setreg s1, $0009ef70 //we will be storing our string for our character here. ("UiCharType1") The way this works is that in SOCOM 2, you have Type 1-Type 8 ("UiCharType1-8") lb s2, $000a(s1) //this loads the index of our model. so at offset $000a will be the byte "31-39" (00>31<6570) beq s2, zero, :print //first time through, this byte will equal zero. so when we press the joker the first time, we want to print "UiCharType1" nop //do nothing addiu t9, zero, $0039 //load $00000039 into t9 (last model. Chartype8 (0039) (00>39<6570) beq s2, t9, :reset //if we are on the last model, then reset back to chartype1 nop //do nothing setreg t1, $000a0000 //this will be our timer. so we are going to set t1 to address 000a0000 lw s3, $0000(t1) //load the data at 000a0000 into s3 addiu t0, zero, $0020 //set register t0 to $00000020 beq s3, t0, :fnc //if the timer (s3) equals 0020 then swap the character. nop addiu s3, s3, $0001 //increment s3 by 1. (the data at 000a0000) sw s3, $0000(t1) //store the incremented value at 000a0000. we want to keep incrementing the data at 000a0000 until it equals t0. (0020) beq zero, zero, :end //skip to end nop //do nothing fnc: //our character swapping function jal $0053e170 //this function gets our skin pointer. daddu a0, s1, zero //we want to pass s1 into the argument register. (s1 is the address holding "UiCharTypeX") so pass this into a0 because the function needs to know which model to get the pointer for. sw v0, $0540(s0) //the pointer for the skin is inside of v0, so we will store that pointer (v0) at offset $0540 (chartype inside our player pointer) *remember s0 has our player pointer setreg t4, $66666666 //load $66666666 into t4 sw t4, $0fcc(s0) //store $66666666 at offset $0fcc in player pointer.(this forces our character to respawn) addiu s2, s2, $0001 //increment our model index. so next time joker is pressed, it will switch to the next character in order sb s2, $000a(s1) //stores our incremented model index at offset $000a beq zero, zero, :timer //character is swapped and everything has been incremented and stored, skip to reset timer and end routine nop //do nothing print: //this prints our first "UiCharType1" when joker is pressed for the first time. setreg t0, $68436955 //loads $68436955 into t0 setreg t1, $79547261 // loads $79547261 into t1 setreg t2, $00316570 //loads $00316570 into t2 sw t0, $0000(s1) //store t0 at 0009ef70 sw t1, $0004(s1) //store t1 at 0009ef74 (offset $0004) sw t2, $0008(s1) //store t2 at 0009ef78 (Offset $0008) beq zero, zero, :end //skip to end routine nop reset: //when we are at the last character addiu t7, zero, $0031 //loads $00000031 into t7 sb t7, $000a(s1) //stores byte "31" at offset $000a timer: sw zero, $0000(t1) //stores 0 at 000a0000. resets our timer from 20 to 0 to restart the function end: ld ra, $0040(sp) //load our return address lq s3, $0030(sp) //load s3 lq s2, $0020(sp) //load s2 lq s1, $0010(sp) //load s1 lq s0, $0000(sp) //load s0 jr ra //exit routine addiu sp, sp, $0040 //return the 40 bytes to the stack
v1.3 Much shorter, less glitchy. Shoutout to renagade for the idea
credit: bismofunyuns
Comment