Basically an MITM attack is a method used to eavesdrop into the network to listen undisclosed between two systems. MITM is not the. This cyber-attack involves intercepting the traffic of data and communication between two or more hosts can either be manipulated, obstructed, or commonly passed through unnoticed to collectively harvest sensitive data. The attack may also be infiltrating to impersonate and phish for specific information. This type of attack can also be conducted with HTTPs by having an SSL connection with the attacker who then establishes another SSL with the web server. You may or may not get a warning regarding the validity of the certificate, depending if the attacker had either forged or signed with a trusted certificate authority (CA) with the common name (CN) from the website involved. MITM is a form of session hijacking exploiting real-time transmission between the targeted systems.

The following figure provides a visual aid of how an MITM attack works: